Detections
Analytics
Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280)
medium Nessus Plugin ID 125357
Language:
Synopsis
The remote host is running a version of Symantec (Blue Coat) Reporter that is affected by a Denial of Service vulnerability.Description
According to its self-reported version number, the Symantec (formerly Blue Coat) Reporter installation running on the remote host is prior to 10.3.1.1. It is, therefore, is affected by a denial of service vulnerability. The SSL/TLS implementation on the remote host allows clients to renegotiate connections. The computational requirements forrenegotiating a connection are asymmetrical between the client and the server, with the server performing several times more work. Since the remote host does not appear to limit the number of renegotiations for a single TLS / SSL connection, this permits a client to open several simultaneous connections and repeatedly renegotiate them, possibly leading to a denial of service condition.Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Symantec Reporter version 10.3.1.1 or later.See Also
Plugin Details
Severity: Medium
ID: 125357
File Name: symantec_reporter_symsa1280.nasl
Version: 1.3
Type: remote
Family: CGI abuses
Published: 5/23/2019
Updated: 10/31/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2011-1473
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:symantec:reporter
Required KB Items: installed_sw/Symantec Reporter
Exploit Ease: No known exploits are available
Patch Publication Date: 9/13/2013
Vulnerability Publication Date: 6/12/2012
Reference Information
CVE: CVE-2011-1473