ID

VAR-201409-0340

CVE

CVE-2014-1568

TITLE

Mozilla Network Security Services (NSS) fails to properly verify RSA signatures

DESCRIPTION

Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. The Mozilla Network Security Services (NSS) library fails to properly verify RSA signatures due to incorrect ASN.1 parsing of DigestInfo. This vulnerability may allow an attacker to forge a RSA signature, such as a SSL certificate. ============================================================================ Ubuntu Security Notice USN-2360-2 September 24, 2014 thunderbird vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. Software Description: - thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-2360-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory details: Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: thunderbird 1:31.1.2+build1-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: thunderbird 1:31.1.2+build1-0ubuntu0.12.04.1 After a standard system update you need to restart Thunderbird to make all the necessary changes. For the stable distribution (wheezy), this problem has been fixed in version 24.8.1esr-1~deb7u1. For the testing distribution (jessie) and unstable distribution (sid), Icedove uses the system NSS library, handled in DSA 3033-1. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates (CVE-2014-1568). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: rhev-hypervisor6 security update Advisory ID: RHSA-2014:1354-01 Product: Red Hat Enterprise Virtualization Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1354.html Issue date: 2014-10-02 CVE Names: CVE-2014-1568 CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 ===================================================================== 1. Summary: An updated rhev-hypervisor6 package that fixes several security issues is now available. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEV-M 3.4 - noarch 3. Description: The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-6271) It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-7169) A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. (CVE-2014-1568) It was discovered that the fixed-sized redir_stack could be forced to overflow in the Bash parser, resulting in memory corruption, and possibly leading to arbitrary code execution when evaluating untrusted input that would not otherwise be run as code. (CVE-2014-7186) An off-by-one error was discovered in the way Bash was handling deeply nested flow control constructs. Depending on the layout of the .bss segment, this could allow arbitrary execution of code that would not otherwise be executed by Bash. (CVE-2014-7187) Red Hat would like to thank Stephane Chazelas for reporting CVE-2014-6271, and the Mozilla project for reporting CVE-2014-1568. Upstream acknowledges Antoine Delignat-Lavaud and Intel Product Security Incident Response Team as the original reporters of CVE-2014-1568. The CVE-2014-7186 and CVE-2014-7187 issues were discovered by Florian Weimer of Red Hat Product Security. Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package. 4. Solution: This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 To upgrade Hypervisors in Red Hat Enterprise Virtualization environments using the disk image provided by this package, refer to: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/ht ml/Hypervisor_Deployment_Guide/chap-Deployment_Guide-Upgrading_Red_Hat_Ente rprise_Virtualization_Hypervisors.html 5. Bugs fixed (https://bugzilla.redhat.com/): 1141597 - CVE-2014-6271 bash: specially-crafted environment variables can be used to inject shell commands 1145429 - CVE-2014-1568 nss: RSA PKCS#1 signature verification forgery flaw (MFSA 2014-73) 1146319 - CVE-2014-7169 bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271) 1146791 - CVE-2014-7186 bash: parser can allow out-of-bounds memory access while handling redir_stack 1146804 - CVE-2014-7187 bash: off-by-one error in deeply nested flow control constructs 6. Package List: RHEV-M 3.4: Source: rhev-hypervisor6-6.5-20140930.1.el6ev.src.rpm noarch: rhev-hypervisor6-6.5-20140930.1.el6ev.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2014-1568.html https://www.redhat.com/security/data/cve/CVE-2014-6271.html https://www.redhat.com/security/data/cve/CVE-2014-7169.html https://www.redhat.com/security/data/cve/CVE-2014-7186.html https://www.redhat.com/security/data/cve/CVE-2014-7187.html https://access.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFULad7XlSAg2UNWIIRArccAJ95pkvG2fyfrI6g4Ve/+fAdnbQq2QCffmYR IH3VLRMcNTi5Gr1GmWlBiFg= =DD5a -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2015:059 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : nss Date : March 13, 2015 Affected: Business Server 2.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in the Mozilla NSS and NSPR packages: The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name&#039;s U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate (CVE-2014-1492). Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain (CVE-2014-1544). The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function&#039;s improper handling of an arbitrary-length encoding of 0x00 (CVE-2014-1569). Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions (CVE-2014-1545). The sqlite3 packages have been upgraded to the 3.8.6 version due to an prerequisite to nss-3.17.x. Additionally the rootcerts package has also been updated to the latest version as of 2014-11-17, which adds, removes, and distrusts several certificates. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.3_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.1_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.2_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_release_notes https://www.mozilla.org/en-US/security/advisories/mfsa2014-55/ _______________________________________________________________________ Updated Packages: Mandriva Business Server 2/X86_64: 2aea53da7622f23ec03faa5605d9672c mbs2/x86_64/lemon-3.8.6-1.mbs2.x86_64.rpm 68cc94d4a95146583d8a6b2849759614 mbs2/x86_64/lib64nspr4-4.10.8-1.mbs2.x86_64.rpm a6ffe2ebe6de847b6227c8c4c2cb4ba4 mbs2/x86_64/lib64nspr-devel-4.10.8-1.mbs2.x86_64.rpm 78ba63e6a21b897abac8e4b0e975470d mbs2/x86_64/lib64nss3-3.17.4-1.mbs2.x86_64.rpm aacf8b1f144a7044e77abc5d0be72a7b mbs2/x86_64/lib64nss-devel-3.17.4-1.mbs2.x86_64.rpm 6afff220f7fa93dede0486b76155ae44 mbs2/x86_64/lib64nss-static-devel-3.17.4-1.mbs2.x86_64.rpm 63ffb7675dc414a52a4647f5ed302e3c mbs2/x86_64/lib64sqlite3_0-3.8.6-1.mbs2.x86_64.rpm cfefad1ef4f83cceeeb34a4f2ffca442 mbs2/x86_64/lib64sqlite3-devel-3.8.6-1.mbs2.x86_64.rpm e976251ee0ae5c2b2a2f6a163b693e85 mbs2/x86_64/lib64sqlite3-static-devel-3.8.6-1.mbs2.x86_64.rpm 42018611a17d2b6480b63f0a968a796d mbs2/x86_64/nss-3.17.4-1.mbs2.x86_64.rpm b955454c30e482635944134eb02456e4 mbs2/x86_64/nss-doc-3.17.4-1.mbs2.noarch.rpm 3058267964146b7806c493ff536da63d mbs2/x86_64/rootcerts-20141117.00-1.mbs2.x86_64.rpm 18fc28f1ae18ddd5fe01acb77811d0e6 mbs2/x86_64/rootcerts-java-20141117.00-1.mbs2.x86_64.rpm 200f6a413d13d850ea084a9e42c4fc23 mbs2/x86_64/sqlite3-tcl-3.8.6-1.mbs2.x86_64.rpm 8c88a446098d21cf2675173e32a208e6 mbs2/x86_64/sqlite3-tools-3.8.6-1.mbs2.x86_64.rpm 2e494a940c3189617ff62bc15a2b14fb mbs2/SRPMS/nspr-4.10.8-1.mbs2.src.rpm 0a28d1c9c07909d488c7dabe92c47529 mbs2/SRPMS/nss-3.17.4-1.mbs2.src.rpm 10dcc357bb0bbdc22e7dd308074d037b mbs2/SRPMS/rootcerts-20141117.00-1.mbs2.src.rpm df412cc892bb40e1d7345079a25c0bbb mbs2/SRPMS/sqlite3-3.8.6-1.mbs2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFVAvuLmqjQ0CJFipgRArOfAKDn7F7m/ZnJATspmFD0k083yGXQJwCdHAzw P1QqaGn3HFIH8gKR7XVcRAA= =ZF+9 -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

encryption problem

EXPLOIT AVAILABILITY

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Red Hat

SOURCES

LAST UPDATE DATE

2025-06-26T20:27:17.352000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE