Rapid7 Vulnerability & Exploit Database

RHSA-2010:0862: nss security update

Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 10/21/2010
Created: 07/25/2018
Added: 11/18/2010
Modified: 07/04/2017

Description

Network Security Services (NSS) is a set of libraries designed to support the development of security-enabled client and server applications.

A flaw was found in the way NSS matched SSL certificates when the certificates had a Common Name containing a wildcard and a partial IP address. NSS incorrectly accepted connections to IP addresses that fell within the SSL certificate's wildcard range as valid SSL connections, possibly allowing an attacker to conduct a man-in-the-middle attack. (CVE-2010-3170)

All NSS users should upgrade to these updated packages, which provide NSS version 3.12.8 to resolve this issue. After installing the update, applications using NSS must be restarted for the changes to take effect.
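The class of matching flaw described above, shown as an added example beside a hardened check; this is not NSS code. The function names, the sample names and addresses, and the strict policy (a wildcard is allowed only as the whole left-most DNS label, never against an IP address) are assumptions made for illustration.

```python
import fnmatch
import ipaddress

def is_ip_literal(value):
    """True if value parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def naive_match(pattern, host):
    """Flawed behaviour described above: the wildcard is applied to any
    string, so a partial IP address pattern covers a whole address range."""
    return fnmatch.fnmatchcase(host.lower(), pattern.lower())

def strict_match(pattern, host):
    """Hardened check (assumed policy): IP literals match only exactly;
    '*' is allowed only as the entire left-most label of a DNS name."""
    pattern, host = pattern.lower(), host.lower()
    if is_ip_literal(host):
        return (is_ip_literal(pattern)
                and ipaddress.ip_address(pattern) == ipaddress.ip_address(host))
    if "*" not in pattern:
        return pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    if p_labels[0] != "*" or any("*" in label for label in p_labels[1:]):
        return False
    # The wildcard stands for exactly one label, with two fixed labels after it.
    if len(p_labels) != len(h_labels) or len(p_labels) < 3:
        return False
    return h_labels[0] != "" and p_labels[1:] == h_labels[1:]

def disagreements(cases):
    """Pairs the naive matcher accepts but the strict matcher rejects."""
    return [c for c in cases if naive_match(*c) and not strict_match(*c)]

# Constructed sample data (documentation address range and example.com).
CASES = [
    ("192.0.2.*", "192.0.2.77"),
    ("*.example.com", "www.example.com"),
    ("192.0.2.10", "192.0.2.10"),
    ("*.example.com", "a.b.example.com"),
]

if __name__ == "__main__":
    for pattern, host in disagreements(CASES):
        print(f"naive accepts {host!r} for CN {pattern!r}; strict rejects it")
```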

Solution(s)

  • redhat-upgrade-nss
  • redhat-upgrade-nss-debuginfo
  • redhat-upgrade-nss-devel
  • redhat-upgrade-nss-pkcs11-devel
  • redhat-upgrade-nss-softokn
  • redhat-upgrade-nss-softokn-debuginfo
  • redhat-upgrade-nss-softokn-devel
  • redhat-upgrade-nss-softokn-freebl
  • redhat-upgrade-nss-sysinit
  • redhat-upgrade-nss-tools
  • redhat-upgrade-nss-util
  • redhat-upgrade-nss-util-debuginfo
  • redhat-upgrade-nss-util-devel
