McAfee Firewall Enterprise OpenSSL Information Disclosure (SB10071) (Heartbleed)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by an information disclosure
vulnerability.

Description :

The remote host has a version of McAfee Firewall Enterprise installed
that is affected by an out-of-bounds read error, known as Heartbleed,
in the TLS/DTLS implementation due to improper handling of TLS
heartbeat extension packets. A remote attacker, using crafted packets,
can trigger a buffer over-read, resulting in the disclosure of up to
64KB of process memory, which contains sensitive information such as
primary key material, secondary key material, and other protected
content.

See also :

https://kc.mcafee.com/corporate/index?page=content&id=SB10071

Solution :

Apply 8.3.2 ePatch 14 per the vendor advisory.

Risk factor :

High / CVSS Base Score : 9.4
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N)
CVSS Temporal Score : 8.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 73834

Bugtraq ID: 66690

CVE ID: CVE-2014-0160