Arch Linux Security Advisory 201409-1
Date : 2014-09-24
CVE-ID : CVE-2014-1568
Package : nss
Type : Signature forgery attack
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE-2014
The package nss before version 3.17.1-1 is vulnerable to a signature
Upgrade to 3.17.1-1.
The problem has been fixed upstream in version 3.17.1.
Antoine Delignat-Lavaud, security researcher at Inria Paris in team
Prosecco, reported an issue in Network Security Services (NSS) libraries
affecting all versions. He discovered that NSS is vulnerable to a
variant of a signature forgery attack previously published by Daniel
Bleichenbacher. This is due to lenient parsing of ASN.1 values involved
in a signature and could lead to the forging of RSA certificates.
The Advanced Threat Research team at Intel Security also independently
discovered and reported this issue.
This vulnerability may allow an attacker to forge false RSA
certificates, considered valid by applications, like Firefox or
Thunderbird, that rely on NSS to valid certificates.
This could for example be used to conduct Man-In-The-Middle attack.