Rapid7 Vulnerability & Exploit Database

RHSA-2011:0472: nss security update

Back to Search

RHSA-2011:0472: nss security update

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
04/28/2011
Created
07/25/2018
Added
05/12/2011
Modified
07/04/2017

Description

Network Security Services (NSS) is a set of libraries designed to supportthe development of security-enabled client and server applications.This erratum blacklists a small number of HTTPS certificates by addingthem, flagged as untrusted, to the NSS Builtin Object Token (thelibnssckbi.so library) certificate store. (BZ#689430)Note: This fix only applies to applications using the NSS Builtin ObjectToken. It does not blacklist the certificates for applications that use theNSS library, but do not use the NSS Builtin Object Token (such as curl).All NSS users should upgrade to these updated packages, which correct thisissue. After installing the update, applications using NSS must berestarted for the changes to take effect.

Solution(s)

  • redhat-upgrade-nss
  • redhat-upgrade-nss-debuginfo
  • redhat-upgrade-nss-devel
  • redhat-upgrade-nss-pkcs11-devel
  • redhat-upgrade-nss-sysinit
  • redhat-upgrade-nss-tools

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;