Test Kennung:	1.3.6.1.4.1.25623.1.0.806954
Kategorie:	General
Titel:	Mozilla ESR Spoofing Vulnerability - Jan16 (Windows)
Zusammenfassung:	This host is installed with Mozilla; Firefox ESR and is prone to spoofing vulnerability.
Beschreibung:	Summary: This host is installed with Mozilla Firefox ESR and is prone to spoofing vulnerability. Vulnerability Insight: The flaw exists due to Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic does not reject MD5 signatures. Vulnerability Impact: Successful exploitation will allow remote attackers to spoof servers by triggering a collision. Affected Software/OS: Mozilla Firefox ESR version before 38.5.2 on Windows. Solution: Upgrade to Mozilla Firefox ESR version 38.5.2 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7575 BugTraq ID: 79684 http://www.securityfocus.com/bid/79684 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 Debian Security Information: DSA-3436 (Google Search) http://www.debian.org/security/2016/dsa-3436 Debian Security Information: DSA-3437 (Google Search) http://www.debian.org/security/2016/dsa-3437 Debian Security Information: DSA-3457 (Google Search) http://www.debian.org/security/2016/dsa-3457 Debian Security Information: DSA-3458 (Google Search) http://www.debian.org/security/2016/dsa-3458 Debian Security Information: DSA-3465 (Google Search) http://www.debian.org/security/2016/dsa-3465 Debian Security Information: DSA-3491 (Google Search) http://www.debian.org/security/2016/dsa-3491 Debian Security Information: DSA-3688 (Google Search) http://www.debian.org/security/2016/dsa-3688 https://security.gentoo.org/glsa/201701-46 https://security.gentoo.org/glsa/201706-18 https://security.gentoo.org/glsa/201801-15 RedHat Security Advisories: RHSA-2016:0049 http://rhn.redhat.com/errata/RHSA-2016-0049.html RedHat Security Advisories: RHSA-2016:0050 http://rhn.redhat.com/errata/RHSA-2016-0050.html RedHat Security Advisories: RHSA-2016:0053 http://rhn.redhat.com/errata/RHSA-2016-0053.html RedHat Security Advisories: RHSA-2016:0054 http://rhn.redhat.com/errata/RHSA-2016-0054.html RedHat Security Advisories: RHSA-2016:0055 http://rhn.redhat.com/errata/RHSA-2016-0055.html RedHat Security Advisories: RHSA-2016:0056 http://rhn.redhat.com/errata/RHSA-2016-0056.html RedHat Security Advisories: RHSA-2016:1430 https://access.redhat.com/errata/RHSA-2016:1430 http://www.securitytracker.com/id/1034541 http://www.securitytracker.com/id/1036467 SuSE Security Announcement: SUSE-SU-2016:0256 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html SuSE Security Announcement: SUSE-SU-2016:0265 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html SuSE Security Announcement: SUSE-SU-2016:0269 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html SuSE Security Announcement: openSUSE-SU-2015:2405 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html SuSE Security Announcement: openSUSE-SU-2016:0007 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html SuSE Security Announcement: openSUSE-SU-2016:0161 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html SuSE Security Announcement: openSUSE-SU-2016:0162 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html SuSE Security Announcement: openSUSE-SU-2016:0263 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html SuSE Security Announcement: openSUSE-SU-2016:0268 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html SuSE Security Announcement: openSUSE-SU-2016:0270 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html SuSE Security Announcement: openSUSE-SU-2016:0272 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html SuSE Security Announcement: openSUSE-SU-2016:0279 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html SuSE Security Announcement: openSUSE-SU-2016:0307 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html SuSE Security Announcement: openSUSE-SU-2016:0308 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html SuSE Security Announcement: openSUSE-SU-2016:0488 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html SuSE Security Announcement: openSUSE-SU-2016:0605 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html http://www.ubuntu.com/usn/USN-2863-1 http://www.ubuntu.com/usn/USN-2864-1 http://www.ubuntu.com/usn/USN-2865-1 http://www.ubuntu.com/usn/USN-2866-1 http://www.ubuntu.com/usn/USN-2884-1 http://www.ubuntu.com/usn/USN-2904-1
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.