Debian Security Advisory DSA 2203-1 (nss) Network Vulnerability

Summary

The remote host is missing an update to nss announced via advisory DSA 2203-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202203-1

Insight

This update for the Network Security Service libraries marks several fraudulent HTTPS certificates as unstrusted. For the oldstable distribution (lenny), this problem has been fixed in version 3.12.3.1-0lenny4. For the stable distribution (squeeze), this problem has been fixed in version 3.12.8-1+squeeze1. For the unstable distribution (sid), this problem has been fixed in version 3.12.9.with.ckbi.1.82-1. We recommend that you upgrade your nss packages.

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1056-1 (webcalendar)
Debian Security Advisory DSA 1090-1 (spamassassin)
Debian Security Advisory DSA 1053-1 (mozilla)
Debian Security Advisory DSA 1151-1 (heartbeat)

Take action and discover your vulnerabilities