Mozilla Network Security Service (NSS): RSA signature forgery
Gentoo Linux Security Advisory
||GLSA 200610-06 / nss
||October 17, 2006
||October 17, 2006: 01
All supported architectures
NSS fails to properly validate PKCS #1 v1.5 signatures.
The Mozilla Network Security Service is a library implementing security
features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,
S/MIME and X.509 certificates.
Daniel Bleichenbacher discovered that it might be possible to forge
signatures signed by RSA keys with the exponent of 3. This affects a
number of RSA signature implementations, including Mozilla's NSS.
Since several Certificate Authorities (CAs) are using an exponent of 3
it might be possible for an attacker to create a key with a false CA
signature. This impacts any software using the NSS library, like the
Mozilla products Firefox, Thunderbird and Seamonkey.
There is no known workaround at this time.
All NSS users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/nss-3.11.3"
Note: As usual after updating a library, you should run
'revdep-rebuild' (from the app-portage/gentoolkit package) to ensure
that all applications linked to it are properly rebuilt.