CVE-2017-7502
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
| Software | From | Fixed in |
|---|---|---|
| mozilla / network_security_services | 3.25.0 | 3.25.0.x |
| mozilla / network_security_services | 3.29.1 | 3.29.1.x |
| mozilla / network_security_services | 3.29.0 | 3.29.0.x |
| mozilla / network_security_services | 3.30.0 | 3.30.0.x |
| mozilla / network_security_services | 3.29.2 | 3.29.2.x |
| mozilla / network_security_services | 3.25.1 | 3.25.1.x |
| mozilla / network_security_services | 3.28.1 | 3.28.1.x |
| mozilla / network_security_services | 3.26.2 | 3.26.2.x |
| mozilla / network_security_services | 3.30.1 | 3.30.1.x |
| mozilla / network_security_services | 3.24.0 | 3.24.0.x |
| mozilla / network_security_services | 3.27.0 | 3.27.0.x |
| mozilla / network_security_services | 3.29.3 | 3.29.3.x |
| mozilla / network_security_services | 3.28.0 | 3.28.0.x |
| mozilla / network_security_services | 3.27.2 | 3.27.2.x |
| mozilla / network_security_services | 3.28.3 | 3.28.3.x |
| mozilla / network_security_services | 3.28.2 | 3.28.2.x |
| mozilla / network_security_services | 3.27.1 | 3.27.1.x |
| mozilla / network_security_services | 3.26.0 | 3.26.0.x |
- http://www.debian.org/security/2017/dsa-3872
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.securityfocus.com/bid/98744
- http://www.securitytracker.com/id/1038579
- https://access.redhat.com/errata/RHSA-2017:1364
- https://access.redhat.com/errata/RHSA-2017:1365
- https://access.redhat.com/errata/RHSA-2017:1567
- https://access.redhat.com/errata/RHSA-2017:1712
- https://hg.mozilla.org/projects/nss/rev/55ea60effd0d
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime