US CERT: Mozilla Network Security Services (NSS) Library Vulnerability

瀏覽次數:0 次
跳到第一則未讀訊息

Gerald309

未讀,
2014年9月26日 上午8:08:062014/9/26
收件者:bluecollar...@googlegroups.com、BlueCollar...@yahoogroups.com
Fwd: Mozilla Network Security Services (NSS) Library Vulnerability


-------- Forwarded Message --------
Subject: Mozilla Network Security Services (NSS) Library Vulnerability
Date: Wed, 24 Sep 2014 16:18:57 -0500
From: US-CERT <US-...@ncas.us-cert.gov>
Reply-To: US-...@ncas.us-cert.gov
To: gera...@gmail.com


NCCIC / US-CERT

National Cyber Awareness System:

09/24/2014 04:32 PM EDT

Original release date: September 24, 2014

A vulnerability in the Mozilla NSS library could allow an attacker to forge an RSA signature, such as an SSL certificate. The package is often included in 3rd party software, including Linux distributions, Google Chrome, and others. It is possible that other cryptographic libraries may be similarly affected.

US-CERT recommends users and administrators review Vulnerability Note VU#772676, Mozilla Foundation Security Advisory 2014-73, and Google Stable Channel Update Blog for additional information and mitigation details.

This product is provided subject to this Notification and this Privacy & Use policy.

OTHER RESOURCES:
Contact Us | Security Publications | Alerts and Tips | Related Resources
STAY CONNECTED:
Sign up for email updates
This email was sent to gera...@gmail.com using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (703) 235-5110 Powered by GovDelivery


回覆所有人
回覆作者
轉寄
0 則新訊息