ID de Prueba:	1.3.6.1.4.1.25623.1.0.70553
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 2339-1 (nss)
Resumen:	The remote host is missing an update to nss;announced via advisory DSA 2339-1.
Descripción:	Summary: The remote host is missing an update to nss announced via advisory DSA 2339-1. Vulnerability Insight: This update to the NSS cryptographic libraries revokes the trust in the DigiCert Sdn. Bhd certificate authority. This update also fixes an insecure load path for pkcs11.txt configuration file (CVE-2011-3640). For the oldstable distribution (lenny), this problem has been fixed in version 3.12.3.1-0lenny7. For the stable distribution (squeeze), this problem has been fixed in version 3.12.8-1+squeeze4. For the unstable distribution (sid), this problem has been fixed in version 3.13.1.with.ckbi.1.88-1. Solution: We recommend that you upgrade your nss packages. CVSS Score: 7.1 CVSS Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3640 http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html http://code.google.com/p/chromium/issues/detail?id=97426 https://bugzilla.mozilla.org/show_bug.cgi?id=641052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414 http://securityreason.com/securityalert/8483 SuSE Security Announcement: openSUSE-SU-2012:0030 (Google Search) https://hermes.opensuse.org/messages/13154861 SuSE Security Announcement: openSUSE-SU-2012:0063 (Google Search) https://hermes.opensuse.org/messages/13155432
Copyright	Copyright (C) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.