CVE-2011-3640
Published: 28 October 2011
** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
Notes
Author | Note |
---|---|
tyhicks | Only programs calling NSS_NoDB_Init() are affected. Per Red Hat, most applications specify the path to the files rather than calling NSS_NoDB_Init(). Among other mitigating factors, attacker must plant file in root of current working directory. The CVE description mentions Chrome being affected but it is only affected on Windows and MacOS X. However, it is ultimately an NSS bug and the versions of NSS that we ship look to be affected. |
mdeslaur | Attacker needs to create files in /, which only root can do. This isn't a security issue on Linux. |
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
(MacOS X and Windows only)
|
|
maverick |
Not vulnerable
(MacOS X and Windows only)
|
|
natty |
Not vulnerable
(MacOS X and Windows only)
|
|
oneiric |
Not vulnerable
(MacOS X and Windows only)
|
|
precise |
Not vulnerable
(MacOS X and Windows only)
|
|
upstream |
Not vulnerable
(MacOS X and Windows only)
|
|
nss Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Not vulnerable
(3.13.1.with.ckbi.1.88-1ubuntu6)
|
|
upstream |
Released
(3.13)
|
|
Patches: upstream: https://bugzilla.mozilla.org/attachment.cgi?id=564058 vendor: http://lists.debian.org/debian-security-announce/2011/msg00215.html vendor: https://rhn.redhat.com/errata/RHSA-2011-1444.html |