Red Hat Security Advisory 2016-2779-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. The following packages have been upgraded to a newer upstream version: nss, nss-util. Multiple security issues have been addressed.
df0b83d865da079f245658c46d7eff1eab3b336b9074b5a1419917a774b695c1
Debian Linux Security Advisory 3688-1 - Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project.
b93966cf45b459b94721e41f799657ce1d921ea91d32c39e7fe841f2d97f11e7
Ubuntu Security Notice 3029-1 - Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. This update refreshes the NSS package to version 3.23 which includes the latest CA certificate bundle. As a security improvement, this update also modifies NSS behaviour to reject DH key sizes below 1024 bits, preventing a possible downgrade attack. Various other issues were also addressed.
6e601ccd1ee83f0d499b744c4b1829d9d494088ab8da32987ec0617887d2186f
Ubuntu Security Notice 2993-1 - Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A buffer overflow was discovered when parsing HTML5 fragments in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
2ff696ca4a756aacf9ad21083349f0d417485c427aad64ef4152513c33030755