Debian Nss vulnerabilities

CVE-2016-5285 [HIGH] CVE-2016-5285: nss - A Null pointer dereference vulnerability exists in Mozilla Network Security Serv... A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. Scope: local bookworm: resolved (fixed in 2:3.25-1) bullseye: resolved (fixed in 2:3.25-1) forky: resolved (fixed in 2:3.25-1) sid: re

CVE-2016-1978 [HIGH] CVE-2016-1978: nss - Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in... Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption. Scope: local bookwo

CVE-2016-2834 [HIGH] CVE-2016-2834: firefox - Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox ... Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. Scope: local sid: resolved (fixed in 47.0-1)

CVE-2016-1938 [MEDIUM] CVE-2016-1938: nss - The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Servic... The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function. Scope: local bookworm: resolved (fixed in 2:

CVE-2016-8635 [MEDIUM] CVE-2016-8635: nss - It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was ... It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group. Scope: local bookworm: resolved (fixed in 2:3.25-1) bullseye: resolved (fixed in 2:3.25-1) forky: resolved (fixed in

CVE-2016-0800 [MEDIUM] CVE-2016-0800: nss - The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and... The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack. Scope:

CVE-2016-9574 [MEDIUM] CVE-2016-9574: nss - nss before version 3.30 is vulnerable to a remote denial of service during the s... nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA. Scope: local bookworm: resolved (fixed in 2:3.25-1) bullseye: resolved (fixed in 2:3.25-1) forky: resolved (fixed in 2:3.25-1) sid: resolved (fixed in 2:3.25-1) trixie: resolved (fixed in 2:3.25-1)

CVE-2016-9074 [MEDIUM] CVE-2016-9074: firefox-esr - An existing mitigation of timing side-channel attacks is insufficient in some ci... An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. Scope: local bookworm: resolved (fixed in 45.5.0esr-1) bullseye: resolved (fixed in 45.5.0esr-1) forky: resolved (fixed

CVE-2015-7182 [CRITICAL] CVE-2015-7182: nss - Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Serv... Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data. Scope: local b

CVE-2015-7181 [HIGH] CVE-2015-7181: nss - The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) bef... The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary

CVE-2015-2730 [MEDIUM] CVE-2015-2730: nss - Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefo... Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors. Scope: local bookworm: resolved (

CVE-2015-7575 [MEDIUM] CVE-2015-7575: gnutls28 - Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefo... Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. Scope: local bookworm: resolved (fi

CVE-2015-2721 [MEDIUM] CVE-2015-2721: nss - Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox ... Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, a

CVE-2015-4000 [LOW] CVE-2015-4000: nss - The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a ... The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" is

CVE-2014-1490 [CRITICAL] CVE-2014-1490: nss - Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.... Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption ha

CVE-2014-1544 [CRITICAL] CVE-2014-1544: nss - Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.... Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust doma

CVE-2014-1569 [HIGH] CVE-2014-1569: nss - The definite_length_decoder function in lib/util/quickder.c in Mozilla Network S... The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeI

CVE-2014-1568 [HIGH] CVE-2014-1568: nss - Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, a... Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome

CVE-2014-1492 [MEDIUM] CVE-2014-1492: nss - The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checkin... The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate. Scope: local bookworm: resolved (

CVE-2014-1491 [MEDIUM] CVE-2014-1491: nss - Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefo... Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handli