var-202010-0252
Vulnerability from variot
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. ========================================================================= Ubuntu Security Notice USN-4215-1 December 09, 2019
nss vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
NSS could be made to crash if it received a specially crafted certificate. An attacker could possibly use this issue to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: libnss3 2:3.42-1ubuntu2.4
Ubuntu 18.04 LTS: libnss3 2:3.35-2ubuntu2.6
Ubuntu 16.04 LTS: libnss3 2:3.28.4-0ubuntu0.16.04.9
Ubuntu 14.04 ESM: libnss3 2:3.28.4-0ubuntu0.14.04.5+esm3
Ubuntu 12.04 ESM: libnss3 2:3.28.4-0ubuntu0.12.04.6
After a standard system update you need to reboot your computer to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: nss and nss-softokn security update Advisory ID: RHSA-2021:0876-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0876 Issue date: 2021-03-16 CVE Names: CVE-2019-11756 CVE-2019-17006 CVE-2019-17007 CVE-2020-12403 ==================================================================== 1. Summary:
An update for nss and nss-softokn is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x
- Description:
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
-
nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756)
-
nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)
-
nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS (CVE-2019-17007)
-
nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1703979 - CVE-2019-17007 nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS 1774835 - CVE-2019-11756 nss: Use-after-free in sftk_FreeSession due to improper refcounting 1775916 - CVE-2019-17006 nss: Check length of inputs for cryptographic primitives 1868931 - CVE-2020-12403 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read
- Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):
Source: nss-3.36.0-9.el7_6.src.rpm nss-softokn-3.36.0-7.el7_6.src.rpm
x86_64: nss-3.36.0-9.el7_6.i686.rpm nss-3.36.0-9.el7_6.x86_64.rpm nss-debuginfo-3.36.0-9.el7_6.i686.rpm nss-debuginfo-3.36.0-9.el7_6.x86_64.rpm nss-softokn-3.36.0-7.el7_6.i686.rpm nss-softokn-3.36.0-7.el7_6.x86_64.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.i686.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.x86_64.rpm nss-softokn-freebl-3.36.0-7.el7_6.i686.rpm nss-softokn-freebl-3.36.0-7.el7_6.x86_64.rpm nss-sysinit-3.36.0-9.el7_6.x86_64.rpm nss-tools-3.36.0-9.el7_6.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):
x86_64: nss-debuginfo-3.36.0-9.el7_6.i686.rpm nss-debuginfo-3.36.0-9.el7_6.x86_64.rpm nss-devel-3.36.0-9.el7_6.i686.rpm nss-devel-3.36.0-9.el7_6.x86_64.rpm nss-pkcs11-devel-3.36.0-9.el7_6.i686.rpm nss-pkcs11-devel-3.36.0-9.el7_6.x86_64.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.i686.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.x86_64.rpm nss-softokn-devel-3.36.0-7.el7_6.i686.rpm nss-softokn-devel-3.36.0-7.el7_6.x86_64.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.i686.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: nss-3.36.0-9.el7_6.src.rpm nss-softokn-3.36.0-7.el7_6.src.rpm
ppc64: nss-3.36.0-9.el7_6.ppc.rpm nss-3.36.0-9.el7_6.ppc64.rpm nss-debuginfo-3.36.0-9.el7_6.ppc.rpm nss-debuginfo-3.36.0-9.el7_6.ppc64.rpm nss-devel-3.36.0-9.el7_6.ppc.rpm nss-devel-3.36.0-9.el7_6.ppc64.rpm nss-softokn-3.36.0-7.el7_6.ppc.rpm nss-softokn-3.36.0-7.el7_6.ppc64.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.ppc.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.ppc64.rpm nss-softokn-devel-3.36.0-7.el7_6.ppc.rpm nss-softokn-devel-3.36.0-7.el7_6.ppc64.rpm nss-softokn-freebl-3.36.0-7.el7_6.ppc.rpm nss-softokn-freebl-3.36.0-7.el7_6.ppc64.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.ppc.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.ppc64.rpm nss-sysinit-3.36.0-9.el7_6.ppc64.rpm nss-tools-3.36.0-9.el7_6.ppc64.rpm
ppc64le: nss-3.36.0-9.el7_6.ppc64le.rpm nss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm nss-devel-3.36.0-9.el7_6.ppc64le.rpm nss-softokn-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-devel-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-freebl-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.ppc64le.rpm nss-sysinit-3.36.0-9.el7_6.ppc64le.rpm nss-tools-3.36.0-9.el7_6.ppc64le.rpm
s390x: nss-3.36.0-9.el7_6.s390.rpm nss-3.36.0-9.el7_6.s390x.rpm nss-debuginfo-3.36.0-9.el7_6.s390.rpm nss-debuginfo-3.36.0-9.el7_6.s390x.rpm nss-devel-3.36.0-9.el7_6.s390.rpm nss-devel-3.36.0-9.el7_6.s390x.rpm nss-softokn-3.36.0-7.el7_6.s390.rpm nss-softokn-3.36.0-7.el7_6.s390x.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.s390.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.s390x.rpm nss-softokn-devel-3.36.0-7.el7_6.s390.rpm nss-softokn-devel-3.36.0-7.el7_6.s390x.rpm nss-softokn-freebl-3.36.0-7.el7_6.s390.rpm nss-softokn-freebl-3.36.0-7.el7_6.s390x.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.s390.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.s390x.rpm nss-sysinit-3.36.0-9.el7_6.s390x.rpm nss-tools-3.36.0-9.el7_6.s390x.rpm
x86_64: nss-3.36.0-9.el7_6.i686.rpm nss-3.36.0-9.el7_6.x86_64.rpm nss-debuginfo-3.36.0-9.el7_6.i686.rpm nss-debuginfo-3.36.0-9.el7_6.x86_64.rpm nss-devel-3.36.0-9.el7_6.i686.rpm nss-devel-3.36.0-9.el7_6.x86_64.rpm nss-softokn-3.36.0-7.el7_6.i686.rpm nss-softokn-3.36.0-7.el7_6.x86_64.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.i686.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.x86_64.rpm nss-softokn-devel-3.36.0-7.el7_6.i686.rpm nss-softokn-devel-3.36.0-7.el7_6.x86_64.rpm nss-softokn-freebl-3.36.0-7.el7_6.i686.rpm nss-softokn-freebl-3.36.0-7.el7_6.x86_64.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.i686.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.x86_64.rpm nss-sysinit-3.36.0-9.el7_6.x86_64.rpm nss-tools-3.36.0-9.el7_6.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: nss-3.36.0-9.el7_6.src.rpm nss-softokn-3.36.0-7.el7_6.src.rpm
aarch64: nss-3.36.0-9.el7_6.aarch64.rpm nss-debuginfo-3.36.0-9.el7_6.aarch64.rpm nss-devel-3.36.0-9.el7_6.aarch64.rpm nss-softokn-3.36.0-7.el7_6.aarch64.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.aarch64.rpm nss-softokn-devel-3.36.0-7.el7_6.aarch64.rpm nss-softokn-freebl-3.36.0-7.el7_6.aarch64.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.aarch64.rpm nss-sysinit-3.36.0-9.el7_6.aarch64.rpm nss-tools-3.36.0-9.el7_6.aarch64.rpm
ppc64le: nss-3.36.0-9.el7_6.ppc64le.rpm nss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm nss-devel-3.36.0-9.el7_6.ppc64le.rpm nss-softokn-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-devel-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-freebl-3.36.0-7.el7_6.ppc64le.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.ppc64le.rpm nss-sysinit-3.36.0-9.el7_6.ppc64le.rpm nss-tools-3.36.0-9.el7_6.ppc64le.rpm
s390x: nss-3.36.0-9.el7_6.s390.rpm nss-3.36.0-9.el7_6.s390x.rpm nss-debuginfo-3.36.0-9.el7_6.s390.rpm nss-debuginfo-3.36.0-9.el7_6.s390x.rpm nss-devel-3.36.0-9.el7_6.s390.rpm nss-devel-3.36.0-9.el7_6.s390x.rpm nss-softokn-3.36.0-7.el7_6.s390.rpm nss-softokn-3.36.0-7.el7_6.s390x.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.s390.rpm nss-softokn-debuginfo-3.36.0-7.el7_6.s390x.rpm nss-softokn-devel-3.36.0-7.el7_6.s390.rpm nss-softokn-devel-3.36.0-7.el7_6.s390x.rpm nss-softokn-freebl-3.36.0-7.el7_6.s390.rpm nss-softokn-freebl-3.36.0-7.el7_6.s390x.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.s390.rpm nss-softokn-freebl-devel-3.36.0-7.el7_6.s390x.rpm nss-sysinit-3.36.0-9.el7_6.s390x.rpm nss-tools-3.36.0-9.el7_6.s390x.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.6):
ppc64: nss-debuginfo-3.36.0-9.el7_6.ppc.rpm nss-debuginfo-3.36.0-9.el7_6.ppc64.rpm nss-pkcs11-devel-3.36.0-9.el7_6.ppc.rpm nss-pkcs11-devel-3.36.0-9.el7_6.ppc64.rpm
ppc64le: nss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm nss-pkcs11-devel-3.36.0-9.el7_6.ppc64le.rpm
s390x: nss-debuginfo-3.36.0-9.el7_6.s390.rpm nss-debuginfo-3.36.0-9.el7_6.s390x.rpm nss-pkcs11-devel-3.36.0-9.el7_6.s390.rpm nss-pkcs11-devel-3.36.0-9.el7_6.s390x.rpm
x86_64: nss-debuginfo-3.36.0-9.el7_6.i686.rpm nss-debuginfo-3.36.0-9.el7_6.x86_64.rpm nss-pkcs11-devel-3.36.0-9.el7_6.i686.rpm nss-pkcs11-devel-3.36.0-9.el7_6.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64: nss-debuginfo-3.36.0-9.el7_6.aarch64.rpm nss-pkcs11-devel-3.36.0-9.el7_6.aarch64.rpm
ppc64le: nss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm nss-pkcs11-devel-3.36.0-9.el7_6.ppc64le.rpm
s390x: nss-debuginfo-3.36.0-9.el7_6.s390.rpm nss-debuginfo-3.36.0-9.el7_6.s390x.rpm nss-pkcs11-devel-3.36.0-9.el7_6.s390.rpm nss-pkcs11-devel-3.36.0-9.el7_6.s390x.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-11756 https://access.redhat.com/security/cve/CVE-2019-17006 https://access.redhat.com/security/cve/CVE-2019-17007 https://access.redhat.com/security/cve/CVE-2020-12403 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYFDHndzjgjWX9erEAQhc7BAAkp67Ydt2JQVRfRhv2NUd0sjnWReLTvdP jCz5vIgKz8JIgmz/bc5I1MR8ZCSObdbsUEiv0exapuYneLNru//0dMGL2dv7Fkn5 Em5+ZuvLuDUq9id8TOOd5igNjBeJGKy4dJV46AXtgUHARHbiU5jcmOcCetkBY09J o0bK4wDc6YjvUBANaAQH/sWznAT+BNmtOeF00seAbIgic0m76HidFSQzcq8I+vtm mttqgZvz3+xYitS/63Z4AQofI3VFGX46CHZxekI7N1hIpML7QjiZw4gk8QgdpRWn wLtr661MIse/iS0l+4ZvQoWx5diuVwXudfGmisEXhsWtx79m8JSFNavmxSK9dvJ5 5F6K275OTX2W1GSUgU4IrKxWaLoBPQlC4yT36c4827qosGBjgufGyExgmqnTyQyR iobqDMUHq5RgjNsHNCzrm7CKAgwTUgyuN5QLoXwOsqxPfMt1uL8TI1Q5ULyuPJ+b 8IxbIPGgCZM/haNchD9Xoo1rDieT1JOtQNTfknss91AIQZH30n7i6F6/l8K7GJ16 1sFPnNI7aISjvhu/+jfgNpkoFi6Qyda5a8jSceWpY1yf83/jsxVpKMqgcoTf416z IFzoYxQqa0AM1efVfgtL1vnoAXw8yPt0PjXfcMUYWltIGbgO15L/hJZ6bCUu8FT6 BbaFUBBSJpw=m1vv -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce .
For the stable distribution (buster), these problems have been fixed in version 2:3.42.1-1+deb10u2.
We recommend that you upgrade your nss packages.
For the detailed security status of nss please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nss
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl3qzaYACgkQEMKTtsN8 TjZ7yg//SABSzXoip0pAHIT9lNxDFNL44E27iqRWeurCyfxnQNvNaeShakiTj1Yj sSb2pqo0+gGLsUgtQdKKc8yeOERvuihWRoVDroW7onYG93vpsZ1H8Z7HSEJOGMQl Bt/HcjayCfXrA313/B5SBTiKE/Ks4CvYQvk+BrFwjFEUoYhXzxXwfUIxym1L8+gq jG3Qsh38iOFhrXfXBe2PGaUGU6AVcS/BGTam31s1g54mta4a+obIbvvQu3MGHJLH UTTcVPy7PhK5dofufbJXo1QGqfgdLxsvZAqhcyU1cXBZa7k18Ykts9jKukwoDZV0 hR2jISnOddovQWdPWLqz/ENOTIkY8Ue5/cPIaQ+I9tAL2JOBHBmddP+WeqBxpO8o DpP+4EILROZQ5g+WjLT1Twsje3NJQYx6z7YmXo/0N0ELM+81Sono1wKTgegVBa0F 8eET2FDW45sKFOGV1QTTI5F1mSmgSHiTdtVl/riuzdWrdig8316dByz994dZD+Co TgMiALJWwiVDY6XHHrPwzmvqNoqlcUvNgh4v7tRkTL/YjlHxD+x8R08sRaVo5gqz Z4CyLaP1ByO0X/i4dkuVtD5kIX9GlqLRYkUSnOBhwaoPr7ZgZBCnJfyQixsME1L5 yOg6+j//ncYos+KWeb1upZdUHHB340UmTxbEtECa7jfanMcrtpw= =QZmZ -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-0252",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ruggedcom rox rx1501",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "ruggedcom rox rx1400",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "ruggedcom rox rx1510",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "ruggedcom rox mx5000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "network security services",
"scope": "lt",
"trust": 1.0,
"vendor": "mozilla",
"version": "3.44"
},
{
"model": "ruggedcom rox rx1500",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "ruggedcom rox rx5000",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "ruggedcom rox rx1512",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "ruggedcom rox rx1511",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.14.0"
},
{
"model": "network security services",
"scope": null,
"trust": 0.8,
"vendor": "mozilla",
"version": null
},
{
"model": "ruggedcom rox mx5000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rox rx1400",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rox rx1500",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rox rx1501",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rox rx1510",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rox rx1511",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rox rx1512",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rox rx5000",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "NVD",
"id": "CVE-2019-17007"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.44",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17007"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu,Debian,Red Hat",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
],
"trust": 0.6
},
"cve": "CVE-2019-17007",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-17007",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2019-17007",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-17007",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-023",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-17007",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "NVD",
"id": "CVE-2019-17007"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. =========================================================================\nUbuntu Security Notice USN-4215-1\nDecember 09, 2019\n\nnss vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nNSS could be made to crash if it received a specially crafted certificate. \nAn attacker could possibly use this issue to cause a denial of service. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n libnss3 2:3.42-1ubuntu2.4\n\nUbuntu 18.04 LTS:\n libnss3 2:3.35-2ubuntu2.6\n\nUbuntu 16.04 LTS:\n libnss3 2:3.28.4-0ubuntu0.16.04.9\n\nUbuntu 14.04 ESM:\n libnss3 2:3.28.4-0ubuntu0.14.04.5+esm3\n\nUbuntu 12.04 ESM:\n libnss3 2:3.28.4-0ubuntu0.12.04.6\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: nss and nss-softokn security update\nAdvisory ID: RHSA-2021:0876-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:0876\nIssue date: 2021-03-16\nCVE Names: CVE-2019-11756 CVE-2019-17006 CVE-2019-17007\n CVE-2020-12403\n====================================================================\n1. Summary:\n\nAn update for nss and nss-softokn is now available for Red Hat Enterprise\nLinux 7.6 Extended Update Support. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x\n\n3. Description:\n\nNetwork Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. \n\nSecurity Fix(es):\n\n* nss: Use-after-free in sftk_FreeSession due to improper refcounting\n(CVE-2019-11756)\n\n* nss: Check length of inputs for cryptographic primitives (CVE-2019-17006)\n\n* nss: Handling of Netscape Certificate Sequences in\nCERT_DecodeCertPackage() may crash with a NULL deref leading to DoS\n(CVE-2019-17007)\n\n* nss: CHACHA20-POLY1305 decryption with undersized tag leads to\nout-of-bounds read (CVE-2020-12403)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox)\nmust be restarted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1703979 - CVE-2019-17007 nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS\n1774835 - CVE-2019-11756 nss: Use-after-free in sftk_FreeSession due to improper refcounting\n1775916 - CVE-2019-17006 nss: Check length of inputs for cryptographic primitives\n1868931 - CVE-2020-12403 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read\n\n6. Package List:\n\nRed Hat Enterprise Linux ComputeNode EUS (v. 7.6):\n\nSource:\nnss-3.36.0-9.el7_6.src.rpm\nnss-softokn-3.36.0-7.el7_6.src.rpm\n\nx86_64:\nnss-3.36.0-9.el7_6.i686.rpm\nnss-3.36.0-9.el7_6.x86_64.rpm\nnss-debuginfo-3.36.0-9.el7_6.i686.rpm\nnss-debuginfo-3.36.0-9.el7_6.x86_64.rpm\nnss-softokn-3.36.0-7.el7_6.i686.rpm\nnss-softokn-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.i686.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.i686.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.x86_64.rpm\nnss-sysinit-3.36.0-9.el7_6.x86_64.rpm\nnss-tools-3.36.0-9.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):\n\nx86_64:\nnss-debuginfo-3.36.0-9.el7_6.i686.rpm\nnss-debuginfo-3.36.0-9.el7_6.x86_64.rpm\nnss-devel-3.36.0-9.el7_6.i686.rpm\nnss-devel-3.36.0-9.el7_6.x86_64.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.i686.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.x86_64.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.i686.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-devel-3.36.0-7.el7_6.i686.rpm\nnss-softokn-devel-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.i686.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nnss-3.36.0-9.el7_6.src.rpm\nnss-softokn-3.36.0-7.el7_6.src.rpm\n\nppc64:\nnss-3.36.0-9.el7_6.ppc.rpm\nnss-3.36.0-9.el7_6.ppc64.rpm\nnss-debuginfo-3.36.0-9.el7_6.ppc.rpm\nnss-debuginfo-3.36.0-9.el7_6.ppc64.rpm\nnss-devel-3.36.0-9.el7_6.ppc.rpm\nnss-devel-3.36.0-9.el7_6.ppc64.rpm\nnss-softokn-3.36.0-7.el7_6.ppc.rpm\nnss-softokn-3.36.0-7.el7_6.ppc64.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.ppc.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.ppc64.rpm\nnss-softokn-devel-3.36.0-7.el7_6.ppc.rpm\nnss-softokn-devel-3.36.0-7.el7_6.ppc64.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.ppc.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.ppc64.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.ppc.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.ppc64.rpm\nnss-sysinit-3.36.0-9.el7_6.ppc64.rpm\nnss-tools-3.36.0-9.el7_6.ppc64.rpm\n\nppc64le:\nnss-3.36.0-9.el7_6.ppc64le.rpm\nnss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm\nnss-devel-3.36.0-9.el7_6.ppc64le.rpm\nnss-softokn-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-devel-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.ppc64le.rpm\nnss-sysinit-3.36.0-9.el7_6.ppc64le.rpm\nnss-tools-3.36.0-9.el7_6.ppc64le.rpm\n\ns390x:\nnss-3.36.0-9.el7_6.s390.rpm\nnss-3.36.0-9.el7_6.s390x.rpm\nnss-debuginfo-3.36.0-9.el7_6.s390.rpm\nnss-debuginfo-3.36.0-9.el7_6.s390x.rpm\nnss-devel-3.36.0-9.el7_6.s390.rpm\nnss-devel-3.36.0-9.el7_6.s390x.rpm\nnss-softokn-3.36.0-7.el7_6.s390.rpm\nnss-softokn-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.s390.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-devel-3.36.0-7.el7_6.s390.rpm\nnss-softokn-devel-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.s390.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.s390.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.s390x.rpm\nnss-sysinit-3.36.0-9.el7_6.s390x.rpm\nnss-tools-3.36.0-9.el7_6.s390x.rpm\n\nx86_64:\nnss-3.36.0-9.el7_6.i686.rpm\nnss-3.36.0-9.el7_6.x86_64.rpm\nnss-debuginfo-3.36.0-9.el7_6.i686.rpm\nnss-debuginfo-3.36.0-9.el7_6.x86_64.rpm\nnss-devel-3.36.0-9.el7_6.i686.rpm\nnss-devel-3.36.0-9.el7_6.x86_64.rpm\nnss-softokn-3.36.0-7.el7_6.i686.rpm\nnss-softokn-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.i686.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-devel-3.36.0-7.el7_6.i686.rpm\nnss-softokn-devel-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.i686.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.x86_64.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.i686.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.x86_64.rpm\nnss-sysinit-3.36.0-9.el7_6.x86_64.rpm\nnss-tools-3.36.0-9.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):\n\nSource:\nnss-3.36.0-9.el7_6.src.rpm\nnss-softokn-3.36.0-7.el7_6.src.rpm\n\naarch64:\nnss-3.36.0-9.el7_6.aarch64.rpm\nnss-debuginfo-3.36.0-9.el7_6.aarch64.rpm\nnss-devel-3.36.0-9.el7_6.aarch64.rpm\nnss-softokn-3.36.0-7.el7_6.aarch64.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.aarch64.rpm\nnss-softokn-devel-3.36.0-7.el7_6.aarch64.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.aarch64.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.aarch64.rpm\nnss-sysinit-3.36.0-9.el7_6.aarch64.rpm\nnss-tools-3.36.0-9.el7_6.aarch64.rpm\n\nppc64le:\nnss-3.36.0-9.el7_6.ppc64le.rpm\nnss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm\nnss-devel-3.36.0-9.el7_6.ppc64le.rpm\nnss-softokn-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-devel-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.ppc64le.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.ppc64le.rpm\nnss-sysinit-3.36.0-9.el7_6.ppc64le.rpm\nnss-tools-3.36.0-9.el7_6.ppc64le.rpm\n\ns390x:\nnss-3.36.0-9.el7_6.s390.rpm\nnss-3.36.0-9.el7_6.s390x.rpm\nnss-debuginfo-3.36.0-9.el7_6.s390.rpm\nnss-debuginfo-3.36.0-9.el7_6.s390x.rpm\nnss-devel-3.36.0-9.el7_6.s390.rpm\nnss-devel-3.36.0-9.el7_6.s390x.rpm\nnss-softokn-3.36.0-7.el7_6.s390.rpm\nnss-softokn-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.s390.rpm\nnss-softokn-debuginfo-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-devel-3.36.0-7.el7_6.s390.rpm\nnss-softokn-devel-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.s390.rpm\nnss-softokn-freebl-3.36.0-7.el7_6.s390x.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.s390.rpm\nnss-softokn-freebl-devel-3.36.0-7.el7_6.s390x.rpm\nnss-sysinit-3.36.0-9.el7_6.s390x.rpm\nnss-tools-3.36.0-9.el7_6.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 7.6):\n\nppc64:\nnss-debuginfo-3.36.0-9.el7_6.ppc.rpm\nnss-debuginfo-3.36.0-9.el7_6.ppc64.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.ppc.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.ppc64.rpm\n\nppc64le:\nnss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.ppc64le.rpm\n\ns390x:\nnss-debuginfo-3.36.0-9.el7_6.s390.rpm\nnss-debuginfo-3.36.0-9.el7_6.s390x.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.s390.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.s390x.rpm\n\nx86_64:\nnss-debuginfo-3.36.0-9.el7_6.i686.rpm\nnss-debuginfo-3.36.0-9.el7_6.x86_64.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.i686.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):\n\naarch64:\nnss-debuginfo-3.36.0-9.el7_6.aarch64.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.aarch64.rpm\n\nppc64le:\nnss-debuginfo-3.36.0-9.el7_6.ppc64le.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.ppc64le.rpm\n\ns390x:\nnss-debuginfo-3.36.0-9.el7_6.s390.rpm\nnss-debuginfo-3.36.0-9.el7_6.s390x.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.s390.rpm\nnss-pkcs11-devel-3.36.0-9.el7_6.s390x.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-11756\nhttps://access.redhat.com/security/cve/CVE-2019-17006\nhttps://access.redhat.com/security/cve/CVE-2019-17007\nhttps://access.redhat.com/security/cve/CVE-2020-12403\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYFDHndzjgjWX9erEAQhc7BAAkp67Ydt2JQVRfRhv2NUd0sjnWReLTvdP\njCz5vIgKz8JIgmz/bc5I1MR8ZCSObdbsUEiv0exapuYneLNru//0dMGL2dv7Fkn5\nEm5+ZuvLuDUq9id8TOOd5igNjBeJGKy4dJV46AXtgUHARHbiU5jcmOcCetkBY09J\no0bK4wDc6YjvUBANaAQH/sWznAT+BNmtOeF00seAbIgic0m76HidFSQzcq8I+vtm\nmttqgZvz3+xYitS/63Z4AQofI3VFGX46CHZxekI7N1hIpML7QjiZw4gk8QgdpRWn\nwLtr661MIse/iS0l+4ZvQoWx5diuVwXudfGmisEXhsWtx79m8JSFNavmxSK9dvJ5\n5F6K275OTX2W1GSUgU4IrKxWaLoBPQlC4yT36c4827qosGBjgufGyExgmqnTyQyR\niobqDMUHq5RgjNsHNCzrm7CKAgwTUgyuN5QLoXwOsqxPfMt1uL8TI1Q5ULyuPJ+b\n8IxbIPGgCZM/haNchD9Xoo1rDieT1JOtQNTfknss91AIQZH30n7i6F6/l8K7GJ16\n1sFPnNI7aISjvhu/+jfgNpkoFi6Qyda5a8jSceWpY1yf83/jsxVpKMqgcoTf416z\nIFzoYxQqa0AM1efVfgtL1vnoAXw8yPt0PjXfcMUYWltIGbgO15L/hJZ6bCUu8FT6\nBbaFUBBSJpw=m1vv\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. \n \nFor the stable distribution (buster), these problems have been fixed in\nversion 2:3.42.1-1+deb10u2. \n\nWe recommend that you upgrade your nss packages. \n\nFor the detailed security status of nss please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/nss\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl3qzaYACgkQEMKTtsN8\nTjZ7yg//SABSzXoip0pAHIT9lNxDFNL44E27iqRWeurCyfxnQNvNaeShakiTj1Yj\nsSb2pqo0+gGLsUgtQdKKc8yeOERvuihWRoVDroW7onYG93vpsZ1H8Z7HSEJOGMQl\nBt/HcjayCfXrA313/B5SBTiKE/Ks4CvYQvk+BrFwjFEUoYhXzxXwfUIxym1L8+gq\njG3Qsh38iOFhrXfXBe2PGaUGU6AVcS/BGTam31s1g54mta4a+obIbvvQu3MGHJLH\nUTTcVPy7PhK5dofufbJXo1QGqfgdLxsvZAqhcyU1cXBZa7k18Ykts9jKukwoDZV0\nhR2jISnOddovQWdPWLqz/ENOTIkY8Ue5/cPIaQ+I9tAL2JOBHBmddP+WeqBxpO8o\nDpP+4EILROZQ5g+WjLT1Twsje3NJQYx6z7YmXo/0N0ELM+81Sono1wKTgegVBa0F\n8eET2FDW45sKFOGV1QTTI5F1mSmgSHiTdtVl/riuzdWrdig8316dByz994dZD+Co\nTgMiALJWwiVDY6XHHrPwzmvqNoqlcUvNgh4v7tRkTL/YjlHxD+x8R08sRaVo5gqz\nZ4CyLaP1ByO0X/i4dkuVtD5kIX9GlqLRYkUSnOBhwaoPr7ZgZBCnJfyQixsME1L5\nyOg6+j//ncYos+KWeb1upZdUHHB340UmTxbEtECa7jfanMcrtpw=\n=QZmZ\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17007"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"db": "PACKETSTORM",
"id": "155590"
},
{
"db": "PACKETSTORM",
"id": "161842"
},
{
"db": "PACKETSTORM",
"id": "155601"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-17007",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-040-04",
"trust": 2.4
},
{
"db": "SIEMENS",
"id": "SSA-379803",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016069",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "155590",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "161842",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "155601",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.0491",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3355",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4579",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0933",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4524",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-023",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-17007",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "PACKETSTORM",
"id": "155590"
},
{
"db": "PACKETSTORM",
"id": "161842"
},
{
"db": "PACKETSTORM",
"id": "155601"
},
{
"db": "NVD",
"id": "CVE-2019-17007"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
]
},
"id": "VAR-202010-0252",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.52540106
},
"last_update_date": "2023-12-18T11:09:19.648000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-379803",
"trust": 0.8,
"url": "https://developer.mozilla.org/en-us/docs/mozilla/projects/nss/nss_3.44_release_notes"
},
{
"title": "Mozilla Network Security Services Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=104251"
},
{
"title": "Ubuntu Security Notice: nss vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4215-1"
},
{
"title": "Debian Security Advisories: DSA-4579-1 nss -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=0af759a984821af0886871e7a26a298e"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.0
},
{
"problemtype": "Bad certificate verification (CWE-295) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "NVD",
"id": "CVE-2019-17007"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04"
},
{
"trust": 1.7,
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1533216"
},
{
"trust": 1.7,
"url": "https://developer.mozilla.org/en-us/docs/mozilla/projects/nss/nss_3.44_release_notes"
},
{
"trust": 1.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17007"
},
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"
},
{
"trust": 0.6,
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00034.html"
},
{
"trust": 0.6,
"url": "https://www.debian.org/security/2019/dsa-4579"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0491"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155601/debian-security-advisory-4579-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4524/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4579/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3355/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/155590/ubuntu-security-notice-usn-4215-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161842/red-hat-security-advisory-2021-0876-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0933"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4215-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4215-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/nss/2:3.42-1ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/nss/2:3.35-2ubuntu2.6"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.9"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17006"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0876"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17007"
},
{
"trust": 0.1,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17006"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11756"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11756"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12403"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11745"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/nss"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "PACKETSTORM",
"id": "155590"
},
{
"db": "PACKETSTORM",
"id": "161842"
},
{
"db": "PACKETSTORM",
"id": "155601"
},
{
"db": "NVD",
"id": "CVE-2019-17007"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"db": "PACKETSTORM",
"id": "155590"
},
{
"db": "PACKETSTORM",
"id": "161842"
},
{
"db": "PACKETSTORM",
"id": "155601"
},
{
"db": "NVD",
"id": "CVE-2019-17007"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-22T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"date": "2021-05-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"date": "2019-12-09T15:53:27",
"db": "PACKETSTORM",
"id": "155590"
},
{
"date": "2021-03-17T14:35:53",
"db": "PACKETSTORM",
"id": "161842"
},
{
"date": "2019-12-09T22:22:22",
"db": "PACKETSTORM",
"id": "155601"
},
{
"date": "2020-10-22T21:15:12.637000",
"db": "NVD",
"id": "CVE-2019-17007"
},
{
"date": "2019-12-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-02-19T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17007"
},
{
"date": "2021-05-12T08:27:00",
"db": "JVNDB",
"id": "JVNDB-2019-016069"
},
{
"date": "2021-02-19T16:58:55.290000",
"db": "NVD",
"id": "CVE-2019-17007"
},
{
"date": "2021-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Network\u00a0Security\u00a0Services\u00a0 Vulnerability in Certificate Verification",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-016069"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-023"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.