IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host has software installed that is affected by multiple
vulnerabilities.

Description :

The version of IBM Domino (formerly Lotus Domino) installed on the
remote host is 9.0.x prior to 9.0.1 Fix Pack 2 (FP2). It is,
therefore, affected by the following vulnerabilities :

- An unspecified error exists related to the TLS
implementation and the IBM HTTP server that could allow
certain error cases to cause 100% CPU utilization. Note
this issue only affects Microsoft Windows hosts.
(CVE-2014-0963)

- Fixes in the Oracle Java CPU for April 2014 are included
in the fixed IBM Java release, which is included in the
fixed IBM Domino release.
(CVE-2013-6629, CVE-2013-6954, CVE-2014-0429,
CVE-2014-0446, CVE-2014-0448, CVE-2014-0449,
CVE-2014-0451, CVE-2014-0452, CVE-2014-0453,
CVE-2014-0454, CVE-2014-0455, CVE-2014-0457,
CVE-2014-0458, CVE-2014-0459, CVE-2014-0460,
CVE-2014-0461, CVE-2014-1876, CVE-2014-2398,
CVE-2014-2401, CVE-2014-2402, CVE-2014-2409,
CVE-2014-2412, CVE-2014-2414, CVE-2014-2420,
CVE-2014-2421, CVE-2014-2423, CVE-2014-2427,
CVE-2014-2428)

- A man-in-the-middle (MitM) information disclosure
vulnerability, known as POODLE, exists due to the way
SSL 3.0 handles padding bytes when decrypting messages
encrypted using block ciphers in cipher block chaining
(CBC) mode. A MitM attacker can decrypt a selected byte
of a cipher text in as few as 256 tries if they are able
to force a victim application to repeatedly send the
same data over newly created SSL 3.0 connections.
(CVE-2014-3566)

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21681114
http://www-01.ibm.com/support/docview.wss?uid=swg24037141
http://www.nessus.org/u?eb873351
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Solution :

Upgrade to IBM Domino version 9.0.1 FP2 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.0
(CVSS2#E:POC/RL:U/RC:ND)
Public Exploit Available : true