Detections
Analytics
FreeBSD : NSS -- multiple vulnerabilities (c4292768-5273-4f17-a267-c5fe35125ce4)
high Nessus Plugin ID 89768
Language:
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
Mozilla Foundation reports :Security researcher Francis Gabriel reported a heap-based buffer overflow in the way the Network Security Services (NSS) libraries parsed certain ASN.1 structures. An attacker could create a specially crafted certificate which, when parsed by NSS, would cause it to crash or execute arbitrary code with the permissions of the user.
Mozilla developer Tim Taubert used the Address Sanitizer tool and software fuzzing to discover a use-after-free vulnerability while processing DER encoded keys in the Network Security Services (NSS) libraries. The vulnerability overwrites the freed memory with zeroes.
Solution
Update the affected packages.See Also
https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
https://hg.mozilla.org/projects/nss/rev/b9a31471759d
Plugin Details
Severity: High
ID: 89768
File Name: freebsd_pkg_c429276852734f17a267c5fe35125ce4.nasl
Version: 2.10
Type: local
Family: FreeBSD Local Security Checks
Published: 3/9/2016
Updated: 1/4/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: High
Base Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:linux-seamonkey, p-cpe:/a:freebsd:freebsd:linux-c6-nss, cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:nss, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-thunderbird
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 3/8/2016
Vulnerability Publication Date: 3/8/2016
Reference Information
CVE: CVE-2016-1950, CVE-2016-1979