IBM Rational ClearQuest 7.1.x < / 8.0.0.x < / 8.0.1.x < Multiple Vulnerabilities (credentialed check) (POODLE)

Medium Nessus Plugin ID 81784


The remote host has software installed that is affected by multiple vulnerabilities.


The remote host has a version of IBM Rational ClearQuest 7.1.x prior to / 8.0.0.x prior to / 8.0.1.x prior to installed. It is, therefore, potentially affected by multiple vulnerabilities in third party libraries :

- An error exists in the libcURL and OpenSSL libraries related to an IP address that uses a wildcard in the subject's Common Name (CN) field of an X.509 certificate. A man-in-the-middle attacker can exploit this issue to spoof SSL servers. (CVE-2014-0139)

- An error exists in the OpenSSL library related to 'ec point format extension' handling and multithreaded clients that allows freed memory to be overwritten during a resumed session. (CVE-2014-3509)
- An error exists in the OpenSSL library related to handling fragmented 'ClientHello' messages that allow a man-in-the-middle attacker to force usage of TLS 1.0 regardless of higher protocol levels being supported by both the server and the client. (CVE-2014-3511)

- A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)

- An information disclosure flaw exists in the Java library within the 'share/classes/sun/security/rsa/' class related to 'RSA blinding' caused during operations using private keys and measuring timing differences. This allows a remote attacker to gain information about used keys. (CVE-2014-4244)

- A flaw exists in the Java library within the 'validateDHPublicKey' function in the 'share/classes/sun/security/util/' class which is triggered during the validation of Diffie-Hellman public key parameters. This allows a remote attacker to recover a key. (CVE-2014-4263)

- A NULL pointer dereference error exists in the OpenSSL library related to handling Secure Remote Password protocol (SRP) that allows a malicious server to crash a client, resulting in a denial of service.


Upgrade to IBM Rational ClearQuest / / or later.

See Also

Plugin Details

Severity: Medium

ID: 81784

File Name: ibm_rational_clearquest_8_0_1_6.nasl

Version: $Revision: 1.7 $

Type: local

Agent: windows

Family: Windows

Published: 2015/03/12

Modified: 2016/05/24

Dependencies: 61564

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:rational_clearquest

Required KB Items: installed_sw/IBM Rational ClearQuest, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/12/10

Vulnerability Publication Date: 2014/04/15

Reference Information

CVE: CVE-2014-0139, CVE-2014-3509, CVE-2014-3511, CVE-2014-3566, CVE-2014-4244, CVE-2014-4263, CVE-2014-5139

BID: 66458, 68624, 68636, 69077, 69079, 69084, 70574

OSVDB: 105009, 109141, 109142, 109896, 109898, 109902, 113251

CERT: 577193