FireEye Operating System Multiple Vulnerabilities (SB001)

Critical Nessus Plugin ID 77057

Synopsis

The remote host is missing a vendor-supplied security patch.

Description

The remote host is running a version of FireEye Operating System (FEOS) that is affected by multiple vulnerabilities :

- An error exists in the function ssl3_read_bytes() function that allows data to be injected into other sessions or allow denial of service attacks. Note that this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298)

- An error exists in the do_ssl3_write() function that allows a NULL pointer to be dereferenced, leading to denial of service attacks. Note that this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198)

- An error exists related to DTLS handshake handling that allows denial of service attacks. Note that this issue only affects OpenSSL when used as a DTLS client.
(CVE-2014-0221)

- An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.
(CVE-2014-0224)

- An error exists in the 'dtls1_get_message_fragment' function related to anonymous ECDH cipher suites. This allows denial of service attacks. Note that this issue only affects OpenSSL TLS clients. (CVE-2014-3470)

- An unspecified flaw exists that allows a remote attacker to execute arbitrary commands with root privileges.

Solution

Apply the relevant patch referenced in the vendor advisory.

See Also

http://www.nessus.org/u?62e5edf4

https://www.openssl.org/news/secadv/20140605.txt

Plugin Details

Severity: Critical

ID: 77057

File Name: fireeye_os_SB001.nasl

Version: 1.9

Type: local

Family: Firewalls

Published: 2014/08/07

Updated: 2019/01/02

Dependencies: 77056

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:fireeye:feos

Required KB Items: Host/FireEye/series, Host/FireEye/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/06/12

Vulnerability Publication Date: 2014/07/08

Exploitable With

Core Impact

Reference Information

CVE: CVE-2010-5298, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470

BID: 66801, 67193, 67898, 67899, 67901

CERT: 978508