 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.852216 |
| Categoría: | SuSE Local Security Checks |
| Título: | openSUSE: Security Advisory for mozilla-nspr (openSUSE-SU-2018:4283-1) |
| Resumen: | The remote host is missing an update for the 'mozilla-nspr'; package(s) announced via the openSUSE-SU-2018:4283-1 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'mozilla-nspr' package(s) announced via the openSUSE-SU-2018:4283-1 advisory. Vulnerability Insight: This update for mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in mozilla-nss: - Update to NSS 3.40.1 (bsc#1119105) - CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069) - CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873) - CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410) - Fixed a decryption failure during FFDHE key exchange - Various security fixes in the ASN.1 code Issues fixed in mozilla-nspr: - Update mozilla-nspr to 4.20 (bsc#1119105) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-1618=1 Affected Software/OS: mozilla-nspr on openSUSE Leap 15.0. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-0495 Debian Security Information: DSA-4231 (Google Search) https://www.debian.org/security/2018/dsa-4231 https://dev.gnupg.org/T4011 https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=9010d1576e278a4274ad3f4aa15776c28f6ba965 https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://lists.debian.org/debian-lts-announce/2018/06/msg00013.html RedHat Security Advisories: RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 RedHat Security Advisories: RHSA-2019:1296 https://access.redhat.com/errata/RHSA-2019:1296 RedHat Security Advisories: RHSA-2019:1297 https://access.redhat.com/errata/RHSA-2019:1297 RedHat Security Advisories: RHSA-2019:1543 https://access.redhat.com/errata/RHSA-2019:1543 RedHat Security Advisories: RHSA-2019:2237 https://access.redhat.com/errata/RHSA-2019:2237 http://www.securitytracker.com/id/1041144 http://www.securitytracker.com/id/1041147 https://usn.ubuntu.com/3689-1/ https://usn.ubuntu.com/3689-2/ https://usn.ubuntu.com/3692-1/ https://usn.ubuntu.com/3692-2/ https://usn.ubuntu.com/3850-1/ https://usn.ubuntu.com/3850-2/ |
| Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |