|
Netscape Multiple Products NSS Library Vulnerability
|
|
Secunia Advisory:
|
SA12379
|
|
|
Release Date:
|
2004-08-25
|
|
Last Update:
|
2004-09-06
|
|
Popularity:
|
8,627 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Netscape Certificate Management System 4.x
Netscape Directory Server 4.x
Netscape Directory Server 6.x
Netscape Enterprise Server 3.x
Netscape Enterprise Server 6.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2004-0826
|
|
Description:
ISS X-Force has reported a vulnerability in the NSS library included with various Netscape products, which can be exploited by malicious people to compromise a vulnerable system.
For more information:
SA12362
The following products reportedly include the affected library:
* Netscape Enterprise Server
* Netscape Personalization Engine
* Netscape Directory Server
* Netscape Certificate Management System
Solution:
Install the original NSS library, disable SSLv2 support, or filter access to affected SSL-based services.
Provided and/or discovered by:
Mark Dowd, ISS X-Force.
Changelog:
2004-08-26: Added latest versions as affected.
2004-09-06: Added CVE reference.
Other References:
SA12362:
http://secunia.com/advisories/12362/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
