Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.XEROX_XRX15AV.NASL
HistoryDec 11, 2015 - 12:00 a.m.

Xerox WorkCentre 4260 / 4265 Multiple Vulnerabilities (XRX15AV) (FREAK) (Logjam)

2015-12-1100:00:00
This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
291
JSON

According to its model number and software version, the remote Xerox WorkCentre 4260 / 4265 device is affected by multiple vulnerabilities :

  • A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)

  • A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)

  • A TCP connection spoofing vulnerability exists due to weak TCP initial sequence number (ISN) generation. A man-in-the-middle attacker can exploit this to spoof TCP connections or cause a denial of service.
    (CVE-2015-3963)

Note that the FREAK (CVE-2015-0204) vulnerability on WorkCentre 4260 was fixed in a prior release.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(87326);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id("CVE-2015-0204", "CVE-2015-3963", "CVE-2015-4000");
  script_bugtraq_id(71936, 74733, 75302);
  script_xref(name:"CERT", value:"243585");
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");

  script_name(english:"Xerox WorkCentre 4260 / 4265 Multiple Vulnerabilities (XRX15AV) (FREAK) (Logjam)");

  script_set_attribute(attribute:"synopsis", value:
"The remote multi-function device is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its model number and software version, the remote Xerox
WorkCentre 4260 / 4265 device is affected by multiple
vulnerabilities :

  - A security feature bypass vulnerability, known as FREAK
    (Factoring attack on RSA-EXPORT Keys), exists due to the
    support of weak EXPORT_RSA cipher suites with keys less
    than or equal to 512 bits. A man-in-the-middle attacker
    may be able to downgrade the SSL/TLS connection to use
    EXPORT_RSA cipher suites which can be factored in a
    short amount of time, allowing the attacker to intercept
    and decrypt the traffic. (CVE-2015-0204)

  - A man-in-the-middle vulnerability, known as Logjam,
    exists due to a flaw in the SSL/TLS protocol. A remote
    attacker can exploit this flaw to downgrade connections
    using ephemeral Diffie-Hellman key exchange to 512-bit
    export-grade cryptography. (CVE-2015-4000)

  - A TCP connection spoofing vulnerability exists due to
    weak TCP initial sequence number (ISN) generation. A
    man-in-the-middle attacker can exploit this to spoof TCP
    connections or cause a denial of service.
    (CVE-2015-3963)

Note that the FREAK (CVE-2015-0204) vulnerability on WorkCentre 4260
was fixed in a prior release.");
  # https://www.xerox.com/download/security/security-bulletin/1e9b7-5246c7996a40b/cert_Security_Mini-_Bulletin_XRX15AV_for_WC4260_WC4265_v1-02.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0b2b309a");
  script_set_attribute(attribute:"see_also", value:"https://www.smacktls.com/#freak");
  script_set_attribute(attribute:"see_also", value:"https://weakdh.org/");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate cumulative update as described in the Xerox
security bulletin in the referenced URL.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-3963");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"in_the_news", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/01/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/10/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/12/11");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:xerox:workcentre");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("xerox_workcentre_detect.nasl");
  script_require_keys("www/xerox_workcentre", "www/xerox_workcentre/model", "www/xerox_workcentre/ssw");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

# Get model and system software version
model = get_kb_item_or_exit("www/xerox_workcentre/model");
ver = get_kb_item_or_exit("www/xerox_workcentre/ssw");

if (model =~ "^4260$")
  fix = "30.105.41.000";
else if (model =~ "^4265$")
  fix = "50.003.11.000";
else
  audit(AUDIT_HOST_NOT, "an affected Xerox WebCentre model");

if (ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)
  audit(AUDIT_INST_VER_NOT_VULN, "Xerox WorkCentre " + model + " System SW", ver);

if (report_verbosity > 0)
{
  report =
    '\n  Model                             : Xerox WorkCentre ' + model +
    '\n  Installed system software version : ' + ver +
    '\n  Fixed system software version     : ' + fix + '\n';
  security_warning(port:0, extra:report);
}
else security_warning(0);
VendorProductVersionCPE
xeroxworkcentrecpe:/h:xerox:workcentre

Related

ibm 95
prion 3
ics 2
cve 3
nessus 31
cisa 2
cisco 1
kitploit 1
f5 4
debiancve 2
openvas 26
hackerone 1
thn 1
veracode 1
ubuntucve 2
fortinet 2
openssl 1
checkpoint_security 1
cert 1
fedora 6
atlassian 5
aix 1
oraclelinux 2
suse 1
mozilla 1
amazon 1
threatpost 1
redhat 1
ibm
ibm
Security Bulletin: OpenSSL (including FREAK), RC4 stream cipher (Bar Mitzvah), and Diffie-Hellman ciphers (Logjam) vulnerabilities affect Tivoli Storage FlashCopy Manager Unix and VMware (CVE-2015-0204, CVE-2015-2808, CVE-2015-4000)
2018-06-17 15:10:22
Security Bulletin: Multiple vulnerabilities in the IBM Runtime Environments Java Technology Edition, Versions 6 and 7 in TPF Toolkit (CVE-2015-0204, CVE-2015-0478, CVE-2015-0488, CVE-2015-1916, CVE-2015-4000)
2018-08-03 04:23:43
Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 and Gen2 (CVE-2015-0204)
2018-06-18 00:09:22
prion
prion
Code injection
2015-08-04 01:59:00
Code injection
2015-01-09 02:59:00
Code injection
2015-05-21 00:59:00
ics
ics
Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B)
2015-06-18 00:00:00
Wind River VXWorks TCP Predictability Vulnerability in ICS Devices (Update B)
2016-02-04 12:00:00
cve
cve
CVE-2015-3963
2015-08-04 01:59:00
CVE-2015-0204
2015-01-09 02:59:00
CVE-2015-4000
2015-05-21 00:59:00
nessus
nessus
Wind River VxWorks TCP Predictability Vulnerability
2015-06-25 00:00:00
IBM DB2 10.5 < Fix Pack 7 Multiple Vulnerabilities (Bar Mitzvah) (FREAK) (Logjam)
2016-01-06 00:00:00
IBM DB2 10.5 < Fix Pack 7 Multiple Vulnerabilities (Linux) (Bar Mitzvah) (FREAK) (Logjam)
2016-01-06 00:00:00
cisa
cisa
FREAK
2015-03-06 00:00:00
OpenSSL Patches Multiple Vulnerabilities
2015-06-12 00:00:00
cisco
cisco
OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability
2015-01-13 19:57:19
kitploit
kitploit
A2SV - Auto Scanning to SSL Vulnerability
2016-08-06 14:46:00
f5
f5
K16139 : OpenSSL vulnerability CVE-2015-0204
2015-10-02 00:00:00
SOL16139 - OpenSSL vulnerability CVE-2015-0204
2015-02-12 00:00:00
SOL16674 - TLS vulnerability CVE-2015-4000
2015-05-21 00:00:00
debiancve
debiancve
CVE-2015-0204
2015-01-09 02:59:00
CVE-2015-4000
2015-05-21 00:59:00
openvas
openvas
DTLS: Deprecated DTLSv1.0 Detection
2024-01-09 00:00:00
SSL/TLS: RSA Temporary Key Handling 'RSA_EXPORT' Downgrade Issue (FREAK)
2015-03-06 00:00:00
OpenSSL Information Disclosure Vulnerability (20150319 - 4) - Linux
2021-07-29 00:00:00
hackerone
hackerone
Internet Bug Bounty: FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers
2015-03-05 16:18:06
thn
thn
'FREAK' — New SSL/TLS Vulnerability Explained
2015-03-03 20:30:00
veracode
veracode
Brute Force Decryption
2017-02-10 01:27:34
ubuntucve
ubuntucve
CVE-2015-0204
2015-01-08 00:00:00
CVE-2015-4000
2015-05-20 00:00:00
fortinet
fortinet
TLS FREAK Attack
2015-03-04 00:00:00
CVE-2015-4000 "Logjam" attack
2015-05-20 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2015-0204
2015-01-06 00:00:00
checkpoint_security
checkpoint_security
Check Point response to TLS FREAK Attack (CVE-2015-0204)
2015-03-03 22:00:00
cert
cert
SSL/TLS implementations accept export-grade RSA keys (FREAK attack)
2015-03-06 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: nss-3.19.1-1.0.fc22
2015-06-02 15:17:04
[SECURITY] Fedora 21 Update: nss-util-3.19.1-1.0.fc21
2015-06-01 17:06:27
[SECURITY] Fedora 21 Update: nss-softokn-3.19.1-1.0.fc21
2015-06-01 17:06:26
atlassian
atlassian
Update Java version bundled found in the installer to a version >= 1.8u51
2015-07-15 01:35:17
Update Java version bundled found in the installer to a version >= 1.8u51
2015-07-15 01:35:17
Update Java version bundled found in the installer to a version >= 1.8u51
2015-07-15 01:43:18
aix
aix
Vulnerability in Diffie-Hellman ciphers affects sendmail on AIX,Vulnerability in Diffie-Hellman ciphers affects sendmail on VIOS
2015-08-07 15:15:59
oraclelinux
oraclelinux
openssl security update
2015-06-04 00:00:00
nss security update
2015-06-25 00:00:00
suse
suse
Security update for MySQL (important)
2015-07-02 21:05:19
mozilla
mozilla
NSS accepts export-length DHE keys with regular DHE cipher suites — Mozilla
2015-07-02 00:00:00
amazon
amazon
Medium: nss, nss-util
2015-07-22 10:00:00
threatpost
threatpost
OpenSSL Patches Five Flaws, Adds Protection Against Logjam Attack
2015-06-11 13:48:27
redhat
redhat
(RHSA-2015:1072) Moderate: openssl security update
2015-06-04 00:00:00
JSON
Related for XEROX_XRX15AV.NASL
ibm95prion3ics2cve3nessus31cisa2cisco1kitploit1f54debiancve2openvas26hackerone1thn1veracode1ubuntucve2fortinet2openssl1checkpoint_security1cert1fedora6atlassian5aix1oraclelinux2suse1mozilla1amazon1threatpost1redhat1