Computerworld: ISS: Critical Netscape Flaw Could be Widespread

Aug 25, 2004, 14:30 (7 Talkback[s])
(Other stories by Paul Roberts)

"Security company Internet Security Systems Inc. (ISS) is warning its customers about a critical security hole in a commonly used technology from the Mozilla Foundation called the Netscape Network Security Services (NSS) library that could make Web servers vulnerable to remote attack.

"Atlanta-based ISS issued a security bulletin today about a flaw in the NSS library's implementation of the Secure Sockets Layer Version 2 (SSLv2) protocol that could allow remote attackers to use an SSLv2 connection to take control of Web servers using the NSS library.

Complete Story

Related Stories:

• Red Hat Linux Advisories: kernel, mozilla(Jul 22, 2003)
• Red Hat Linux Advisory: mozilla(Jul 15, 2003)
• CNET News: Mozilla Bug Leaks Web Surfing Data(Sep 16, 2002)
• MozillaNews.org: Mozilla.org Clarifies Security Policy (May 07, 2002)