Adtrustmedia PrivDog < 3.0.105.0 Security Bypass Vulnerability

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by an SSL
certificate security bypass vulnerability.

Description :

The version of Adtrustmedia PrivDog installed on the remote Windows
host is prior to 3.0.105.0. It is, therefore, affected by a flaw in
which X.509 certificates are not properly checked to ensure that they
are not expired, revoked, or otherwise invalidated. An attacker can
exploit this vulnerability to intercept, disclose, and manipulate
HTTPS traffic.

See also :

http://www.nessus.org/u?5a313c30
http://privdog.com/advisory.html

Solution :

Upgrade PrivDog to version 3.0.105.0 or later.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 6.4
(CVSS2#E:ND/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 81497 ()

Bugtraq ID: 72716

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now