IBM Domino 8.5.x / 9.0.x < 9.0.1 Fix Pack 8 TLS Server Diffie-Hellman Key Validation MitM

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

A business collaboration application running on the remote host is
affected by a key validation vulnerability.

Description :

According to its banner, the version of IBM Domino (formerly IBM
Lotus Domino) running on the remote host is 8.5.x or 9.0.x prior to
9.0.1 Fix Pack 8. It is, therefore, affected by a flaw in the TLS
server due to improper validation of Diffie-Hellman parameters. A
man-in-the-middle (MitM) attacker can exploit this, via a small
subgroup attack, to more easily break the encryption and thereby
compromise the connection between the server and clients, resulting in
the disclosure of user authentication credentials.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg22002808

Solution :

Upgrade to IBM Domino version 9.0.1 Fix Pack 8 or later.

Note that users who remain on the following releases may open a
service request with IBM Support for a custom hotfix :

- version 9.0.1 through 9.0.1 Fix Pack 7 Interim Fix 2
- version 9.0 through 9.0 Interim Fix 7

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.2
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 100682 ()

Bugtraq ID: 98794

CVE ID: CVE-2016-6087

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now