MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220) (uncredentialed check)

Medium Nessus Plugin ID 63643

Synopsis

The remote host is affected by a security feature bypass vulnerability.

Description

The remote host contains a flaw in its handling of the SSL version 3 (SSLv3) and TLS (Transport Layer Security) protocols. An attacker who injects specially crafted content into an SSL/TLS session could bypass security features of the SSLv3 and TLS protocols in order to intercept communications.

Note that this plugin only tests Microsoft IIS HTTPS and TLS-capable FTP servers, which are known to use MS13-006 update files. Other SSL/TLS implementations may also be affected. To test all SSL/TLS services Nessus finds, set the 'Report paranoia' preference to 'Paranoid (more false alarms)'.

Solution

Microsoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, and 2012.

For other SSL/TLS implementations, contact the vendor for updates.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-006

Plugin Details

Severity: Medium

ID: 63643

File Name: ms13-006_ssl.nbin

Version: 1.127

Type: remote

Agent: windows

Family: Windows

Published: 2013/01/22

Updated: 2020/02/26

Dependencies: 11936, 56984, 10107

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/01/08

Vulnerability Publication Date: 2013/01/08

Reference Information

CVE: CVE-2013-0013

BID: 57144

MSFT: MS13-006

IAVB: 2013-B-0003

MSKB: 2785220