SolarWinds DameWare Mini Remote Control < 12.0 Hotfix 2 SSLv3 Padding Oracle On Downgraded Legacy Encryption (POODLE)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote host is running a remote management application that is
affected by a man-in-the-middle (MitM) information disclosure
vulnerability.

Description :

The remote host is running a version of SolarWinds DameWare Mini
Remote Control prior to 12.0 Hotfix 2. It is, therefore, affected by
a man-in-the-middle (MitM) information disclosure vulnerability known
as POODLE. The vulnerability is due to the way SSL 3.0 handles padding
bytes when decrypting messages encrypted using block ciphers in cipher
block chaining (CBC) mode. A MitM attacker can decrypt a selected byte
of a cipher text in as few as 256 tries if they are able to force a
victim application to repeatedly send the same data over newly created
SSL 3.0 connections.

See also :

https://thwack.solarwinds.com/message/313220#313220
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Solution :

Upgrade to SolarWinds DameWare Mini Remote Control v12.0 Hotfix 2 or
later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.1
(CVSS2#E:U/RL:TF/RC:UR)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 86995 ()

Bugtraq ID: 70574

CVE ID: CVE-2014-3566

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now