Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2007-0008 to a friend New vulnerability? New tool? Tell us	CVE-2007-0008 Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability     Credit: The information has been provided by iDefense. The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482 Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2007-0008 Details Check for CVE-2007-0008 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * Mozilla Network Security Services versions 3.10 and 3.11.3.  * These libraries are used in a variety of products from multiple vendors including Sun Microsystems, Red Hat and Mozilla.  * Previous versions are also likely to be affected.  * The names 'libnss3.so' on Linux based systems or 'nss3.dll' on Windows based systems may indicate the library is being used by an application. The vulnerability specifically exists due to a design error in the processing of malformed SSLv2 server messages. By sending a certificate with a public key too small to encrypt the "Master Secret", heap corruption can be triggered which may result in the execution of arbitrary code. Successful exploitation of this vulnerability would allow an attacker to execute arbitrary code in the context of the user running the affected client. Since this vulnerability is in library code used by multiple applications, the details of how an attacker would exploit it vary. In all cases, the affected client connects to a server which replies in the initial handshake with a specially crafted certificate. This causes a heap based overflow with random data and eventually causes a fault writing past the end of the allocated space. Some applications may use values from the overwritten memory locations before the program exits. In this case, it may be possible for an attacker to cause code to execute. Although the data which overruns the heap is random, code execution is possible on some platforms with some applications using the library. Although unreliable, iDefense has demonstrated that this vulnerability can result in code execution with Firefox 1.5.0.9 on Windows XP. Vendor Status: The Mozilla Foundation has addressed this vulnerability in Mozilla Foundation Security Advisory 2007-06. CVE Information: CVE-2007-0008 Disclosure Timeline:  * 12/18/2006 - Initial vendor notification  * 12/19/2006 - Initial vendor response  * 02/23/2007 - Coordinated public disclosure  Comments on CVE-2007-0008:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®