Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA)

High Nessus Plugin ID 86710

Synopsis

The remote multi-function device is affected by multiple vulnerabilities.

Description

According to its model number and software version, the remote host is a Xerox ColorQube device that is affected by multiple vulnerabilities:

- An information disclosure vulnerability exists in the bundled version of OpenSSL due to a flaw in the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that allows nonce disclosure via the 'FLUSH+RELOAD' cache side-channel attack. (CVE-2014-0076)

- A denial of service vulnerability exists in the bundled version of OpenSSL due to a recursion flaw in the DTLS functionality. A remote attacker can exploit this, via a specially crafted request, to crash the DTLS client application. (CVE-2014-0221)

- An unspecified error exists in the bundled version of OpenSSL due to a flaw in the handshake process. A remote attacker can exploit this, via a crafted handshake, to force the client or server to use weak keying material, allowing simplified man-in-the-middle attacks. (CVE-2014-0224)

- A denial of service vulnerability exists in the bundled version of OpenSSL due to an unspecified flaw related to the ECDH ciphersuite. Note that this issue only affects OpenSSL TLS clients. (CVE-2014-3470)

- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.

Solution

Upgrade to firmware version PS 4.76.0 and net controller version 43.90.10.14.2015.

See Also

http://www.nessus.org/u?15fd6bad

https://www.openssl.org/news/secadv/20140605.txt

http://ccsinjection.lepidum.co.jp/

https://www.imperialviolet.org/2014/06/05/earlyccs.html

Plugin Details

Severity: High

ID: 86710

File Name: xerox_xrx15ao_colorqube.nasl

Version: 1.5

Type: remote

Family: Misc.

Published: 2015/11/03

Updated: 2019/01/02

Dependencies: 70368

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:xerox:colorqube

Required KB Items: www/xerox_colorqube, www/xerox_colorqube/model, www/xerox_colorqube/ess, www/xerox_colorqube/ps

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2015/10/14

Vulnerability Publication Date: 2014/02/24

Exploitable With

Core Impact

Reference Information

CVE: CVE-2014-0076, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470

BID: 66363, 67898, 67899, 67901

CERT: 978508