Xerox WorkCentre 77XX Multiple Vulnerabilities (XRX15R) (FREAK) (GHOST)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote multi-function device is affected by multiple
vulnerabilities.

Description :

According to its model number and software version, the remote Xerox
WorkCentre 77XX device is affected by multiple vulnerabilities :

- A security feature bypass vulnerability, known as FREAK
(Factoring attack on RSA-EXPORT Keys), exists due to the
support of weak EXPORT_RSA cipher suites with keys less
than or equal to 512 bits. A man-in-the-middle attacker
may be able to downgrade the SSL/TLS connection to use
EXPORT_RSA cipher suites which can be factored in a
short amount of time, allowing the attacker to intercept
and decrypt the traffic. (CVE-2015-0204)

- A heap-based buffer overflow condition exists in the GNU
C Library (glibc) due to improper validation of
user-supplied input to the glibc functions
__nss_hostname_digits_dots(), gethostbyname(), and
gethostbyname2(). This allows a remote attacker to cause
a buffer overflow, resulting in a denial of service
condition or the execution of arbitrary code. This
vulnerability is known as GHOST. (CVE-2015-0235)

See also :

http://www.nessus.org/u?94c70bf4
https://www.smacktls.com/#freak
http://www.nessus.org/u?c7a6ddbd

Solution :

Apply the appropriate cumulative update as described in the Xerox
security bulletin in the referenced URL.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 87327 ()

Bugtraq ID: 71936
72325

CVE ID: CVE-2015-0204
CVE-2015-0235

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now