Mandriva Linux Security Advisory : mozilla (MDVSA-2011:129)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Security issues were identified and fixed in mozilla firefox and
thunderbird :

Google Chrome user alibo encountered an active man in the middle
(MITM) attack on secure SSL connections to Google servers. The
fraudulent certificate was mis-issued by DigiNotar, a Dutch
Certificate Authority. DigiNotar has reported evidence that other
fraudulent certificates were issued and in active use but the full
extent of the compromise is not known.

For the protection of our users Mozilla has removed the DigiNotar root
certificate. Sites using certificates issued by DigiNotar will need to
seek another certificate vendor.

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149 products_id=490

Additionally, some packages which require so, have been rebuilt and
are being provided as updates.

See also :

http://www.mozilla.org/security/announce/2011/mfsa2011-34.html

Solution :

Update the affected packages.

Risk factor :

High

Family: Mandriva Local Security Checks

Nessus Plugin ID: 56083 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now