Xerox WorkCentre 77XX Multiple Vulnerabilities (XRX15R) (FREAK) (GHOST)

Critical Nessus Plugin ID 87327

Synopsis

The remote multi-function device is affected by multiple vulnerabilities.

Description

According to its model number and software version, the remote Xerox WorkCentre 77XX device is affected by multiple vulnerabilities :

- A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)

- A heap-based buffer overflow condition exists in the GNU C Library (glibc) due to improper validation of user-supplied input to the glibc functions
__nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. This vulnerability is known as GHOST. (CVE-2015-0235)

Solution

Apply the appropriate cumulative update as described in the Xerox security bulletin in the referenced URL.

See Also

http://www.nessus.org/u?94c70bf4

https://www.smacktls.com/#freak

http://www.nessus.org/u?c7a6ddbd

Plugin Details

Severity: Critical

ID: 87327

File Name: xerox_xrx15r.nasl

Version: 1.4

Type: remote

Family: Misc.

Published: 2015/12/11

Updated: 2019/11/20

Dependencies: 18141

Risk Information

Risk Factor: Critical

CVSS Score Source: CVE-2015-0235

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:xerox:workcentre

Required KB Items: www/xerox_workcentre, www/xerox_workcentre/model, www/xerox_workcentre/ssw

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2015/10/19

Vulnerability Publication Date: 2015/01/06

Exploitable With

Core Impact

Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)

Reference Information

CVE: CVE-2015-0204, CVE-2015-0235

BID: 71936, 72325

CERT: 243585, 967332