Dell eDellRoot / DSDTestProvider Root CA Certificates Installed

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a man-in-the-middle
vulnerability.

Description :

The remote Windows host is affected by a man-in-the-middle (MitM)
vulnerability due to the installation of a non-authorized root CA
certificate into the Windows trusted system certificate store. The
private keys for many of these root CAs are publicly known.
Furthermore, websites that use specially crafted self-signed
certificates will be reported as trusted to the user. Individual
Firefox and Thunderbird profiles may also contain the compromised root
CA certificates.

A MitM attacker can exploit this vulnerability to read and/or modify
communications encrypted via HTTPS without the user's knowledge.

See also :

https://zmap.io/dell/
http://www.dell.com/support/article/us/en/04/SLN300321

Solution :

Uninstall the eDellRoot and DSDTestProvider root CA certificates per
the vendor knowledge base article.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 5.5
(CVSS2#E:F/RL:TF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 87013 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now