ThinkVantage System Update < 3.14 SSL Certificate Issuer Spoofing

high Nessus Plugin ID 32443

Synopsis

A remote Windows host contains a program that is prone to a spoofing attack.

Description

The remote host is running ThinkVantage System Update, a software distribution tool for Lenovo computers.

The version of System Update installed on the remote host reportedly does not perform certificate chain verification when initiating an SSL connection with an update server. An attacker who could redirect connections to a malicious server could leverage this issue to send specially crafted XML and EXE files in response to requests from System Update, which would then lead to arbitrary code execution.

Solution

Upgrade to System Update 3.14 or later.

See Also

http://www.security-objectives.com/advisories/SECOBJADV-2008-01.txt

https://seclists.org/bugtraq/2008/May/283

http://www.nessus.org/u?b69b64de

Plugin Details

Severity: High

ID: 32443

File Name: thinkvantage_system_update_3_14.nasl

Version: 1.14

Type: local

Agent: windows

Family: Windows

Published: 5/28/2008

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-3249

BID: 29366

CWE: 255

Secunia: 30379