Xerox WorkCentre 3025 / 3215 / 3225 OpenSSL Multiple Vulnerabilities (XRX15AM) (FREAK) (POODLE)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote multi-function device is affected by multiple
vulnerabilities.

Description :

According to its model number and software version, the remote Xerox
WorkCentre 3025 / 3215 / 3225 device is affected by multiple OpenSSL
vulnerabilities :

- A man-in-the-middle (MitM) information disclosure
vulnerability, known as POODLE, exists due to the way
SSL 3.0 handles padding bytes when decrypting messages
encrypted using block ciphers in cipher block chaining
(CBC) mode. A MitM attacker can decrypt a selected byte
of a cipher text in as few as 256 tries if they are able
to force a victim application to repeatedly send the
same data over newly created SSL 3.0 connections.
(CVE-2014-3566)

- A security feature bypass vulnerability, known as FREAK
(Factoring attack on RSA-EXPORT Keys), exists due to the
support of weak EXPORT_RSA cipher suites with keys less
than or equal to 512 bits. A man-in-the-middle attacker
may be able to downgrade the SSL/TLS connection to use
EXPORT_RSA cipher suites which can be factored in a
short amount of time, allowing the attacker to intercept
and decrypt the traffic. (CVE-2015-0204)

See also :

http://www.nessus.org/u?3c3607a7
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
https://www.smacktls.com/#freak

Solution :

Apply the appropriate cumulative update as described in the Xerox
security bulletin in the referenced URL.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.1
(CVSS2#E:U/RL:TF/RC:UR)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 87324 ()

Bugtraq ID: 71936
70574

CVE ID: CVE-2015-0204
CVE-2014-3566

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now