Vulnerability Name:

CVE-2009-2409 (CCN-52523)

Assigned: 2009-07-29
Published: 2009-07-29
Updated: 2023-02-13
Summary: The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time.
Note: the scope of this issue is currently limited because the amount of computation required is still large.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
2.6 Low (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
1.9 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Consequences: Other
References:
Source: MITRE
Type: CNA
CVE-2009-2409

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: VMSA-2010-0009
ESXi utilities and ESX Service Console third party updates

Source: CCN
Type: VMSA-2010-0015
VMware ESX third party updates for Service Console

Source: CCN
Type: VMSA-2010-0019
VMware ESX third party updates for Service Console

Source: CCN
Type: RHSA-2009-1184
Critical: nspr and nss security and bug fix update

Source: CCN
Type: RHSA-2009-1186
Critical: nspr and nss security, bug fix, and enhancement update

Source: CCN
Type: RHSA-2009-1190
Critical: nspr and nss security and bug fix update

Source: CCN
Type: RHSA-2009-1207
Critical: nspr and nss security update

Source: CCN
Type: RHSA-2009-1432
Critical: seamonkey security update

Source: CCN
Type: RHSA-2009-1560
Critical: java-1.6.0-sun security update

Source: CCN
Type: RHSA-2009-1571
Critical: java-1.5.0-sun security update

Source: CCN
Type: RHSA-2009-1584
Important: java-1.6.0-openjdk security update

Source: CCN
Type: RHSA-2009-1662
Low: Red Hat Network Satellite Server Sun Java Runtime security update

Source: CCN
Type: RHSA-2010-0054
Moderate: openssl security update

Source: CCN
Type: RHSA-2010-0163
Moderate: openssl security update

Source: CCN
Type: RHSA-2010-0166
Moderate: gnutls security update

Source: CCN
Type: SA39920
VMware vMA kernel Multiple Vulnerabilities

Source: CCN
Type: SA39972
VMware ESXi ntp Mode 7 Request Denial of Service

Source: CCN
Type: SA39973
VMware ESX Multiple krb5 Vulnerabilities

Source: CCN
Type: SA39974
VMware ESX GCC libtool Search Path Privilege Escalation Security Issue

Source: CCN
Type: SA39975
VMware ESX gzip unlzw() Integer Underflow Vulnerability

Source: CCN
Type: SA39976
VMware vMA OpenSSL CRYPTO_free_all_ex_data() Memory Leak Vulnerability

Source: CCN
Type: SA39977
VMware vMA Multiple krb5 Vulnerabilities

Source: CCN
Type: SA39979
VMware vMA GCC libtool Search Path Privilege Escalation Security Issue

Source: CCN
Type: SA39980
VMware vMA gzip unlzw() Integer Underflow Vulnerability

Source: CCN
Type: SA39981
VMware vMA sudo Privilege Escalation Security Issues

Source: CCN
Type: SA40060
Attachmate Reflection Multiple Vulnerabilities

Source: CCN
Type: SA41618
VMware ESX Server Service Console Multiple Vulnerabilities

Source: CCN
Type: SA42467
VMware ESX Console OS (COS) Update for openssl

Source: CCN
Type: SA42529
VMware ESX Console OS (COS) Update for bzip2

Source: CCN
Type: SA42530
VMware ESX Console OS (COS) bzip2 Integer Overflow Vulnerability

Source: CCN
Type: SA42531
VMware ESX Console OS (COS) Update for samba

Source: CCN
Type: SA43082
syslog-ng Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1022631
Network Security Services Library Supports Certificates With Weak MD2 Hash Signatures

Source: CCN
Type: Apple Web site
About Security Update 2009-006 / Mac OS X v10.6.2

Source: DEBIAN
Type: DSA-1874
nss -- several vulnerabilities

Source: DEBIAN
Type: DSA-1888
openssl097 -- cryptographic weakness

Source: DEBIAN
Type: DSA-1935
gnutls26 -- several vulnerabilities

Source: CCN
Type: GLSA-200912-01
OpenSSL: Multiple vulnerabilities

Source: CCN
Type: TLSA-2009-31
Multiple vulnerabilities exist in webnavi

Source: CCN
Type: USN-809-1
GnuTLS vulnerabilities

Source: CCN
Type: USN-810-1
NSS vulnerabilities

Source: CCN
Type: USN-810-2
NSPR update

Source: CCN
Type: USN-810-3
NSS regression

Source: CCN
Type: USN-830-1
OpenSSL vulnerability

Source: CCN
Type: USN-859-1
OpenJDK vulnerabilities

Source: CCN
Type: Red Hat Bugzilla Bug 510197
CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)

Source: XF
Type: UNKNOWN
nss-md2-certificate-spoofing(52523)

Source: CCN
Type: BalaBit Web site
syslog-ng Premium Edition 3.0.6a has been released

Vulnerable Configuration:
Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.22:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.24:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.0.25:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.18:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.19:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.20:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.21:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.22:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.23:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.2.8.1a1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.14:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.15:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.12:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.13:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.18:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.19:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.16:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.17:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:2.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.11:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:gnutls:1.7.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.11.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.11.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.11.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.11.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.12.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.7.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:nss:3.2:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esx:3.5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:esx_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

  • * Denotes that component is vulnerable
Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20092409 | V | CVE-2009-2409 | 2015-11-16
oval:org.mitre.oval:def:29071 | P | USN-810-3 -- NSS regression | 2015-08-17
oval:org.mitre.oval:def:29169 | P | RHSA-2009:1186 -- nspr and nss security, bug fix, and enhancement update (Critical) | 2015-08-17
oval:org.mitre.oval:def:28898 | P | RHSA-2009:1584 -- java-1.6.0-openjdk security update (Important) | 2015-08-17
oval:org.mitre.oval:def:25180 | V | Vulnerability in OpenSSL 0.9.8 through 0.9.8k, might allow remote attackers to spoof certificates | 2014-08-18
oval:org.mitre.oval:def:13780 | P | USN-810-2 -- nspr update | 2014-06-30
oval:org.mitre.oval:def:13409 | P | USN-830-1 -- openssl vulnerability | 2014-06-30
oval:org.mitre.oval:def:13825 | P | USN-809-1 -- gnutls12, gnutls13, gnutls26 vulnerabilities | 2014-06-30
oval:org.mitre.oval:def:13850 | P | USN-810-1 -- nss vulnerabilities | 2014-06-30
oval:org.mitre.oval:def:13907 | P | USN-859-1 -- openjdk-6 vulnerabilities | 2014-06-30
oval:org.mitre.oval:def:8111 | P | DSA-1874 nss -- several vulnerabilities | 2014-06-23
oval:org.mitre.oval:def:20167 | P | DSA-1935-1 gnutls13 gnutls26 - SSL certificate | 2014-06-23
oval:org.mitre.oval:def:8289 | P | DSA-1935 gnutls13 gnutls26 -- several vulnerabilities | 2014-06-23
oval:org.mitre.oval:def:13721 | P | DSA-1888-1 openssl, openssl097 -- cryptographic weakness | 2014-06-23
oval:org.mitre.oval:def:13737 | P | DSA-1874-1 nss -- several | 2014-06-23
oval:org.mitre.oval:def:22987 | P | ELSA-2010:0054: openssl security update (Moderate) | 2014-05-26
oval:org.mitre.oval:def:22412 | P | ELSA-2009:1186: nspr and nss security, bug fix, and enhancement update (Critical) | 2014-05-26
oval:org.mitre.oval:def:23000 | P | ELSA-2010:0166: gnutls security update (Moderate) | 2014-05-26
oval:org.mitre.oval:def:22949 | P | ELSA-2009:1560: java-1.6.0-sun security update (Critical) | 2014-05-26
oval:org.mitre.oval:def:22979 | P | ELSA-2009:1584: java-1.6.0-openjdk security update (Important) | 2014-05-26
oval:org.mitre.oval:def:22032 | P | ELSA-2009:1571: java-1.5.0-sun security update (Critical) | 2014-05-26
oval:org.mitre.oval:def:21795 | P | RHSA-2010:0054: openssl security update (Moderate) | 2014-02-24
oval:org.mitre.oval:def:21828 | P | RHSA-2010:0166: gnutls security update (Moderate) | 2014-02-24
oval:org.mitre.oval:def:6631 | V | Network Security Services Library Supports Certificates With Weak MD2 Hash Signatures | 2014-01-20
oval:org.mitre.oval:def:8594 | V | VMware Network Security Services (NSS) certificate spoofing vulnerability by using MD2 design flaw | 2014-01-20
oval:org.mitre.oval:def:7155 | V | VMware ESX, Service Console update for OpenSSL, GnuTLS, NSS and NSPR. | 2014-01-20
oval:org.mitre.oval:def:10763 | V | The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. | 2013-04-29
oval:com.redhat.rhsa:def:20100163 | P | RHSA-2010:0163: openssl security update (Moderate) | 2010-03-25
oval:com.redhat.rhsa:def:20100166 | P | RHSA-2010:0166: gnutls security update (Moderate) | 2010-03-25
oval:com.redhat.rhsa:def:20100054 | P | RHSA-2010:0054: openssl security update (Moderate) | 2010-01-20
oval:org.debian:def:1935 | V | several vulnerabilities | 2009-11-17
oval:com.redhat.rhsa:def:20091584 | P | RHSA-2009:1584: java-1.6.0-openjdk security update (Important) | 2009-11-16
oval:com.redhat.rhsa:def:20091571 | P | RHSA-2009:1571: java-1.5.0-sun security update (Critical) | 2009-11-10
oval:com.redhat.rhsa:def:20091560 | P | RHSA-2009:1560: java-1.6.0-sun security update (Critical) | 2009-11-09
oval:org.debian:def:1888 | V | cryptographic weakness | 2009-09-15
oval:com.redhat.rhsa:def:20091432 | P | RHSA-2009:1432: seamonkey security update (Critical) | 2009-09-09
oval:org.debian:def:1874 | V | several vulnerabilities | 2009-08-26
oval:com.redhat.rhsa:def:20091184 | P | RHSA-2009:1184: nspr and nss security and bug fix update (Critical) | 2009-07-30
oval:com.redhat.rhsa:def:20091186 | P | RHSA-2009:1186: nspr and nss security, bug fix, and enhancement update (Critical) | 2009-07-30