MS KB3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure (POODLE)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a remote information disclosure
vulnerability.

Description :

The remote host is missing one of the workarounds referenced in the
Microsoft Security Advisory 3009008.

If the client registry key workaround has not been applied, any client
software installed on the remote host (including IE) is affected by an
information disclosure vulnerability when using SSL 3.0.

If the server registry key workaround has not been applied, any server
software installed on the remote host (including IIS) is affected by
an information disclosure vulnerability when using SSL 3.0.

SSL 3.0 uses nondeterministic CBC padding, which allows a
man-in-the-middle attacker to decrypt portions of encrypted traffic
using a 'padding oracle' attack. This is also known as the 'POODLE'
issue.

See also :

http://technet.microsoft.com/en-us/security/advisory/3009008
https://support.microsoft.com/en-us/kb/245030
http://www.nessus.org/u?0c60701b
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Solution :

Apply the client registry key workaround and the server registry key
workaround suggested by Microsoft in the advisory.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.1
(CVSS2#E:U/RL:TF/RC:UR)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 78447 ()

Bugtraq ID: 70574

CVE ID: CVE-2014-3566

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now