ThinkVantage System Update < 3.14 SSL Certificate Issuer Spoofing

High Nessus Plugin ID 32443


A remote Windows host contains a program that is prone to a spoofing attack.


The remote host is running ThinkVantage System Update, a software distribution tool for Lenovo computers.

The version of System Update installed on the remote host reportedly does not perform certificate chain verification when initiating an SSL connection with an update server. An attacker who can redirect connections to a malicious server could leverage this issue to send specially crafted XML and EXE files in response to requests from System Update, leading to arbitrary code execution.


Upgrade to System Update 3.14 or later.

Plugin Details

Severity: High

ID: 32443

File Name: thinkvantage_system_update_3_14.nasl

Version: 1.12

Type: local

Agent: windows

Family: Windows

Published: 2008/05/28

Modified: 2016/11/03

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 7.6

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:ND

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2008-3249

BID: 29366

OSVDB: 45621

Secunia: 30379

CWE: 255