RSS   Vulnerabilities for 'Mod nss'   RSS

2018-02-15
 
CVE-2011-4973

CWE-287
 

 
Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.

 
2017-08-09
 
CVE-2015-3277

 

 
The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.

 
2017-08-07
 
CVE-2015-5244

 

 
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.

 
2013-12-12
 
CVE-2013-4566

CWE-264
 

 
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.

 


Copyright 2024, cxsecurity.com

 

Back to Top