#VU32555 Input validation error in Mozilla NSS


Published: 2014-03-25 | Updated: 2020-07-28

Vulnerability identifier: #VU32555

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2014-1492

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Mozilla NSS
Universal components / Libraries / Libraries used by multiple products

Vendor: Mozilla

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Mozilla NSS: 3.13.4 - 3.52.1

External links
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00015.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html
http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/59866
http://secunia.com/advisories/60621
http://secunia.com/advisories/60794
http://www.debian.org/security/2014/dsa-2994
http://www.mozilla.org/security/announce/2014/mfsa2014-45.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/66356
http://www.ubuntu.com/usn/USN-2159-1
http://www.ubuntu.com/usn/USN-2185-1
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
http://bugzilla.mozilla.org/show_bug.cgi?id=903885
http://bugzilla.redhat.com/show_bug.cgi?id=1079851
http://developer.mozilla.org/en-US/docs/NSS/NSS_3.16_release_notes
http://hg.mozilla.org/projects/nss/rev/709d4e597979
http://security.gentoo.org/glsa/201504-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Amazon Linux AMI update for ruby22
Amazon Linux AMI update for ruby21
Amazon Linux AMI update for ruby20
Amazon Linux AMI update for ruby19
Amazon Linux AMI update for ruby18
Input validation error in nss (Alpine package)
Slackware Linux update for mozilla-nss
Input validation error in developer.mozilla nss