Novell Home

CVE-2013-5606

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-5606 at MITRE

Description

The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate.

NVD CVSS v2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 850148

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8758
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-32bit >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-32bit >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8758
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8757
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-32bit >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-32bit >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8757
SLE 11 SP2 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.3.1
  • mozilla-nss-debugsource >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SLE 11 SP2 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debuginfo-x86 >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.3.1
  • mozilla-nss-debuginfo-x86 >= 3.15.3-0.3.1
  • mozilla-nss-debugsource >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SLE 11 SP2 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debuginfo-32bit >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.3.1
  • mozilla-nss-debuginfo-32bit >= 3.15.3-0.3.1
  • mozilla-nss-debugsource >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Software Development Kit 11 SP2
  • mozilla-nspr-devel >= 4.10.2-0.3.1
  • mozilla-nss-devel >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libfreebl3 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Server 11 SP2
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-x86 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
  • mozilla-nss-x86 >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SLE 11 SP3 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.8.1
  • mozilla-nss-debugsource >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SLE 11 SP3 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debuginfo-x86 >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.8.1
  • mozilla-nss-debugsource >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SLE 11 SP3 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debuginfo-32bit >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.8.1
  • mozilla-nss-debugsource >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Software Development Kit 11 SP3
  • mozilla-nspr-devel >= 4.10.2-0.3.1
  • mozilla-nss-devel >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libfreebl3 >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Server 11 SP3
  • libfreebl3 >= 3.15.3-0.8.1
  • libfreebl3-x86 >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • libsoftokn3-x86 >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
  • mozilla-nss-x86 >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libfreebl3 >= 3.15.3-0.8.1
  • libfreebl3-32bit >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • libsoftokn3-32bit >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-32bit >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SLE 11 SP1 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.3.1
  • mozilla-nss-debugsource >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8574
SLE 11 SP1 DEBUGINFO
  • mozilla-nspr-debuginfo >= 4.10.2-0.3.1
  • mozilla-nspr-debuginfo-32bit >= 4.10.2-0.3.1
  • mozilla-nspr-debugsource >= 4.10.2-0.3.1
  • mozilla-nss-debuginfo >= 3.15.3-0.3.1
  • mozilla-nss-debuginfo-32bit >= 3.15.3-0.3.1
  • mozilla-nss-debugsource >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8574
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libfreebl3 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8574
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8574

© 2014 Novell