CVSS: 4.3EPSS: 3%CPEs: 23EXPL: 0CVE-2011-5094
https://notcve.org/view.php?id=CVE-2011-5094
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-1473. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment ** EN DISPUTA ** Mozilla Network Security Services (NSS) v3.x, con ciertos ajustes de la opción SSL_ENABLE_RENEGOTIATION, no restringen adecuadamente la renegociación iniciada por el cliente dentro de los protocolos SSL y TLS, lo que podría hacer más fácil para los atacantes remotos causar una denegación de servicio (consumo de CPU) mediante la realización de las renegociaciones de muchos dentro de una sola conexión, una vulnerabilidad diferente a CVE-2011-1473. NOTA: también se puede argumentar que es la responsabilidad de las implementaciones de servidores, no una biblioteca de seguridad, para prevenir o limitar la renegociación cuando es inapropiado dentro de un entorno específico. • http://orchilles.com/2011/03/ssl-renegotiation-dos.html http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html http://www.educatedguesswork.org/2011/10/ssltls_and_computational_dos.html http://www.ietf.org/mail-archive/web/tls/current/msg07553.html http://www.ietf.org/mail-archive/web/tls/current/msg07564.html http://www.ietf.org/mail-archive/web/tls/current/msg07567.html http://www.ietf.org/mail-archive/web/tls/current/msg07576.html http://www.ietf.org/mail- •
CVSS: 5.0EPSS: 10%CPEs: 198EXPL: 0CVE-2012-0441 – nss: NSS parsing errors with zero length items
https://notcve.org/view.php?id=CVE-2012-0441
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response. El decodificador ASN.1 en el decodificador QuickDER en Mozilla Network Security Services (NSS) antes de v3.13.4, como se usa en Firefox v4.x a v12.0, Firefox ESR v10.x antes de v10.0.5, Thunderbird v5.0 a v12.0, Thunderbird VSG v10.x antes de v10.0.5, y SeaMonkey antes de v2.10, permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de un elemento de longitud cero, como lo demuestra (1) una restricción básica de longitud cero o (2) un campo de longitud cero en una respuesta de OCSP. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html http://secunia.com/advisories/49976 http://secunia.com/advisories/50316 http://www.debian.org/security/2012/dsa-2490 http://www.mandriva.com/security/advisories?name=MDVSA-2012:088 http://www.mozilla.org/security/announce/2012/mfsa2012-39.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 60%CPEs: 7EXPL: 0CVE-2009-2404 – nss regexp heap overflow
https://notcve.org/view.php?id=CVE-2009-2404
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function. Desbordamiento de búfer basado en memoria dinámica en el analizador de expresiones regulares en Mozilla NetWork Security Services (NSS) anteriores a 3.12.3 como las utilizadas en Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, y AOL Instant Messenger (AIM), permite a servidores SSL remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecución de código de su elección a través de un nombre de dominio largo en el campo Common Name (CN) en un certificado X.509, relativo a la función cert_TestHost_Name. • http://rhn.redhat.com/errata/RHSA-2009-1185.html http://secunia.com/advisories/36088 http://secunia.com/advisories/36102 http://secunia.com/advisories/36125 http://secunia.com/advisories/36139 http://secunia.com/advisories/36157 http://secunia.com/advisories/36434 http://secunia.com/advisories/37098 http://secunia.com/advisories/39428 http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021030.1-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2009-2408 – firefox/nss: doesn't handle NULL in Common Name properly
https://notcve.org/view.php?id=CVE-2009-2408
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. NOTE: this was originally reported for Firefox before 3.5. Mozilla Firefox anterior a v3.5 y NSS anterior a v3.12.3 no tratan apropiadamente un carácter '\0' en un nombre de dominio en el campo nombre común (CN) del asunto de un certificado X.509, que permite a un atacante de hombre-en-el-medio suplantar servidores SSL arbitrarios a través de un certificado manipulado por una autoridad de certificación. • http://isc.sans.org/diary.html?storyid=7003 http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html http://marc.info/?l=oss-security&m=125198917018936&w=2 http://osvdb.org/56723 http://secunia.com/advisories/36088 http://secunia.com/advisories/36125 http://secunia.com/advisories/36139 http://secunia.com/advisories/36157 http://secunia.com/advisories/36434 http://secunia.com/advisories/36669 http://secunia.com/advisories/37098 http://sunsolve.sun.com • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 96%CPEs: 10EXPL: 0CVE-2007-0009 – NSS: SSLv2 protocol buffer overflows
https://notcve.org/view.php?id=CVE-2007-0009
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values. Un desbordamiento de búfer en la región stack de la memoria en el soporte SSLv2 en Mozilla Network Security Services (NSS) anterior a versión 3.11.5, tal y como es usado por Firefox anterior a versión 1.5.0.10 y versión 2.x anterior a 2.0.0.2, Thunderbird anterior a versión 1.5.0.10, SeaMonkey anterior a versión 1.0.8, y ciertos productos de servidor Sun Java System anterior al 20070611, permite a los atacantes remotos ejecutar código arbitrario por medio de valores de longitud "Client Master Key" no válidos. • ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc http://fedoranews.org/cms/node/2709 http://fedoranews.org/cms/node/2711 http://fedoranews.org/cms/node/2747 http://fedoranews.org/cms/node/2749 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=483 http://lists.suse.com/archive/suse-s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •