ID OPENVAS:1361412562310868824 Type openvas Reporter Copyright (C) 2015 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for libuv FEDORA-2014-15411
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.868824");
script_version("$Revision: 14223 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2015-01-05 14:56:40 +0100 (Mon, 05 Jan 2015)");
script_cve_id("CVE-2014-3566");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_name("Fedora Update for libuv FEDORA-2014-15411");
script_tag(name:"summary", value:"The remote host is missing an update for the 'libuv'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"affected", value:"libuv on Fedora 21");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_xref(name:"FEDORA", value:"2014-15411");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146221.html");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2015 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC21");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "FC21")
{
if ((res = isrpmvuln(pkg:"libuv", rpm:"libuv~0.10.29~1.fc21", rls:"FC21")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310868824", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for libuv FEDORA-2014-15411", "description": "The remote host is missing an update for the ", "published": "2015-01-05T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868824", "reporter": "Copyright (C) 2015 Greenbone Networks GmbH", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146221.html", "2014-15411"], "cvelist": ["CVE-2014-3566"], "lastseen": "2019-05-29T18:36:34", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-3566"]}, {"type": "seebug", "idList": ["SSV:92692"]}, {"type": "f5", "idList": ["F5:K15702", "SOL15702"]}, {"type": "freebsd", "idList": ["384FC0B2-0144-11E5-8FDA-002590263BF5", "76C7A0F5-5928-11E4-ADC7-001999F8D30B"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:ACE3C7E4A01EEFAC1C8D47279076DC77"]}, {"type": "citrix", "idList": ["CTX200238"]}, {"type": "nessus", "idList": ["ASTERISK_AST_2014_011.NASL", "SOLARWINDS_DAMEWARE_MINI_REMOTE_CONTROL_V12_0_HOTFIX_2.NASL", "REDHAT-RHSA-2014-1948.NASL", "SUSE_11_SUSEREGISTER-141121.NASL", "FREEBSD_PKG_384FC0B2014411E58FDA002590263BF5.NASL", "IBM_DOMINO_SWG21693142.NASL", "REDHAT-RHSA-2014-1653.NASL", "FEDORA_2014-13781.NASL", "SSL_POODLE.NASL", "FEDORA_2015-9090.NASL"]}, {"type": "aix", "idList": ["OPENSSL_ADVISORY11.ASC"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310868604", "OPENVAS:1361412562310868770", "OPENVAS:1361412562310868601", "OPENVAS:1361412562310802087", "OPENVAS:1361412562310868721", "OPENVAS:1361412562310868693", "OPENVAS:1361412562310105950", "OPENVAS:1361412562310868600", "OPENVAS:1361412562310868455", "OPENVAS:703489"]}, {"type": "fedora", "idList": ["FEDORA:B1D43608A1FC", "FEDORA:D241A60EFAEF", "FEDORA:AC832604E903", "FEDORA:13EED60DC938", "FEDORA:ABDD7608A209", "FEDORA:955A2608A1F0", "FEDORA:50E7D60F2C0C", "FEDORA:B758360EE970", "FEDORA:E523360D8734", "FEDORA:0FE8860E4374"]}, {"type": "redhat", "idList": ["RHSA-2015:1545", "RHSA-2015:1546", "RHSA-2014:1948", "RHSA-2014:1653"]}, {"type": "nmap", "idList": ["NMAP:SSL-ENUM-CIPHERS.NSE"]}, {"type": "suse", "idList": ["SUSE-SU-2015:0010-1"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20141215-01-POODLE"]}, {"type": "hackerone", "idList": ["H1:288966", "H1:216271"]}, {"type": "centos", "idList": ["CESA-2014:1653"]}, {"type": "virtuozzo", "idList": ["VZA-2017-081"]}, {"type": "amazon", "idList": ["ALAS-2014-429", "ALAS-2014-426"]}, {"type": "debian", "idList": ["DEBIAN:DLA-282-1:F03D5"]}], "modified": "2019-05-29T18:36:34", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2019-05-29T18:36:34", "rev": 2}, "vulnersScore": 6.3}, "pluginID": "1361412562310868824", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libuv FEDORA-2014-15411\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868824\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:56:40 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for libuv FEDORA-2014-15411\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libuv'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libuv on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15411\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146221.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"libuv\", rpm:\"libuv~0.10.29~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T06:14:29", "description": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.", "edition": 13, "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2014-10-15T00:55:00", "title": "CVE-2014-3566", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2020-11-12T14:15:00", "cpe": ["cpe:/a:oracle:database:11.2.0.4", "cpe:/o:netbsd:netbsd:5.1", "cpe:/a:openssl:openssl:1.0.0k", "cpe:/a:openssl:openssl:0.9.8y", "cpe:/a:openssl:openssl:0.9.8m", "cpe:/a:openssl:openssl:1.0.1a", "cpe:/a:openssl:openssl:0.9.8n", "cpe:/o:redhat:enterprise_linux_workstation_supplementary:7.0", "cpe:/a:openssl:openssl:0.9.8b", "cpe:/a:openssl:openssl:0.9.8h", "cpe:/a:openssl:openssl:0.9.8za", "cpe:/a:openssl:openssl:0.9.8zb", "cpe:/a:openssl:openssl:0.9.8u", "cpe:/o:netbsd:netbsd:6.0.2", "cpe:/a:openssl:openssl:1.0.1", "cpe:/a:openssl:openssl:0.9.8w", "cpe:/a:openssl:openssl:0.9.8k", "cpe:/o:novell:suse_linux_enterprise_server:11.0", "cpe:/o:netbsd:netbsd:6.1", "cpe:/o:ibm:vios:2.2.3.0", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:novell:suse_linux_enterprise_desktop:10.0", "cpe:/o:novell:suse_linux_enterprise_server:12.0", "cpe:/a:openssl:openssl:1.0.1e", "cpe:/a:openssl:openssl:0.9.8j", "cpe:/a:openssl:openssl:0.9.8t", "cpe:/a:openssl:openssl:1.0.1d", "cpe:/o:ibm:vios:2.2.2.4", "cpe:/o:ibm:aix:6.1", "cpe:/o:novell:suse_linux_enterprise_desktop:9.0", "cpe:/o:novell:suse_linux_enterprise_desktop:12.0", "cpe:/o:ibm:vios:2.2.0.11", "cpe:/o:ibm:vios:2.2.0.12", "cpe:/a:openssl:openssl:0.9.8a", "cpe:/o:ibm:vios:2.2.1.7", "cpe:/o:fedoraproject:fedora:19", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:openssl:openssl:0.9.8q", "cpe:/o:novell:suse_linux_enterprise_desktop:11.0", "cpe:/a:openssl:openssl:1.0.0a", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:netbsd:netbsd:6.0.6", "cpe:/o:ibm:vios:2.2.2.0", "cpe:/a:openssl:openssl:1.0.1g", "cpe:/o:ibm:vios:2.2.1.3", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:netbsd:netbsd:6.1.1", "cpe:/o:fedoraproject:fedora:21", "cpe:/o:ibm:vios:2.2.1.9", "cpe:/a:openssl:openssl:0.9.8z", "cpe:/o:ibm:vios:2.2.1.0", "cpe:/a:openssl:openssl:0.9.8o", "cpe:/a:openssl:openssl:1.0.0h", "cpe:/o:ibm:vios:2.2.1.5", "cpe:/a:openssl:openssl:0.9.8x", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:netbsd:netbsd:5.1.1", "cpe:/o:ibm:vios:2.2.2.3", "cpe:/o:netbsd:netbsd:5.2.2", "cpe:/a:openssl:openssl:1.0.1b", "cpe:/o:netbsd:netbsd:6.0", "cpe:/o:ibm:vios:2.2.2.5", "cpe:/a:openssl:openssl:1.0.1h", "cpe:/a:openssl:openssl:0.9.8s", "cpe:/o:ibm:aix:7.1", "cpe:/o:netbsd:netbsd:6.1.2", "cpe:/a:openssl:openssl:1.0.0l", "cpe:/a:oracle:database:12.1.0.2", "cpe:/o:netbsd:netbsd:6.0.4", "cpe:/o:ibm:vios:2.2.0.10", "cpe:/o:netbsd:netbsd:6.1.5", "cpe:/o:netbsd:netbsd:5.2", "cpe:/o:netbsd:netbsd:6.0.3", "cpe:/a:openssl:openssl:0.9.8f", "cpe:/a:openssl:openssl:0.9.8", "cpe:/a:openssl:openssl:1.0.0", "cpe:/a:openssl:openssl:1.0.0i", "cpe:/a:openssl:openssl:0.9.8i", "cpe:/a:openssl:openssl:1.0.0f", "cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0", "cpe:/o:redhat:enterprise_linux_server_supplementary:5.0", "cpe:/o:ibm:vios:2.2.2.1", "cpe:/o:ibm:vios:2.2.1.6", "cpe:/a:openssl:openssl:0.9.8c", "cpe:/o:ibm:vios:2.2.3.3", "cpe:/o:redhat:enterprise_linux_server_supplementary:6.0", "cpe:/a:openssl:openssl:1.0.1c", "cpe:/a:openssl:openssl:1.0.0e", "cpe:/o:fedoraproject:fedora:20", "cpe:/a:openssl:openssl:1.0.0g", "cpe:/a:openssl:openssl:0.9.8r", "cpe:/o:ibm:vios:2.2.3.2", "cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0", "cpe:/o:ibm:vios:2.2.1.8", "cpe:/a:openssl:openssl:1.0.1i", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:ibm:vios:2.2.3.4", "cpe:/a:openssl:openssl:1.0.0j", "cpe:/o:novell:suse_linux_enterprise_software_development_kit:12.0", "cpe:/o:mageia:mageia:4.0", "cpe:/o:netbsd:netbsd:5.2.1", "cpe:/o:netbsd:netbsd:6.1.3", "cpe:/o:netbsd:netbsd:5.1.4", "cpe:/a:openssl:openssl:1.0.0b", "cpe:/o:ibm:vios:2.2.1.1", "cpe:/a:openssl:openssl:0.9.8d", "cpe:/o:redhat:enterprise_linux_server_supplementary:7.0", "cpe:/o:novell:suse_linux_enterprise_software_development_kit:11.0", "cpe:/o:netbsd:netbsd:6.0.5", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:netbsd:netbsd:5.1.2", "cpe:/a:openssl:openssl:0.9.8v", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/a:openssl:openssl:1.0.0d", "cpe:/o:netbsd:netbsd:6.1.4", "cpe:/a:openssl:openssl:1.0.1f", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/a:openssl:openssl:1.0.0m", "cpe:/o:ibm:vios:2.2.1.4", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:ibm:aix:5.3", "cpe:/o:ibm:vios:2.2.0.13", "cpe:/o:ibm:vios:2.2.2.2", "cpe:/o:mageia:mageia:3.0", "cpe:/a:openssl:openssl:1.0.0n", "cpe:/o:redhat:enterprise_linux_desktop_supplementary:5.0", "cpe:/o:ibm:vios:2.2.3.1", "cpe:/a:openssl:openssl:0.9.8e", "cpe:/a:openssl:openssl:0.9.8g", "cpe:/a:openssl:openssl:1.0.0c", "cpe:/o:netbsd:netbsd:6.0.1", "cpe:/o:apple:mac_os_x:10.10.1", "cpe:/a:openssl:openssl:0.9.8l", "cpe:/o:opensuse:opensuse:12.3", "cpe:/o:netbsd:netbsd:5.1.3", "cpe:/a:openssl:openssl:0.9.8p"], "id": "CVE-2014-3566", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:ibm:vios:2.2.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_desktop:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:database:11.2.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:database:12.1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", "cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.2:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_desktop:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:6.0:beta:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*", "cpe:2.3:o:ibm:vios:2.2.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:netbsd:netbsd:5.1.4:*:*:*:*:*:*:*"]}], "seebug": [{"lastseen": "2017-11-19T12:01:42", "description": "# SSL 3.0 POODLE attack information disclosure Vulnerability(CVE-2014-3566)\n\n * Release date: 2014-10-14\n * Update date: 2014-10-16\n\n### Affected system:\n\n * Netscape ssl 3.0\n * Netscape tls\n\n### Not affected system:\n\n * Netscape tls 1.2\n * Netscape tls 1.1\n * Netscape tls 1.0\n\n## Description:\n\nCVE(CAN) ID: CVE-2014-3566\n\nSSL3. 0 is an obsolete and insecure Protocol, has now been TLS 1.0, TLS 1.1, TLS 1.2 alternative, because of compatibility reasons, most TLS implementations remain compatible with SSL3. To 0.\n\nFor commonality considerations, currently most browsers version support SSL3. 0, TLS Protocol handshake phase contains a version negotiation step, in General, the client and server to the latest version of the Protocol will be used. Its in the server side of the handshake phase for version negotiation, first offer its support agreement to the latest version, if the handshake fails, then try with the older version of the Protocol negotiation. Be able to implement man in the middle attacks the attacker by making the affected versions of the browser and the server using newer Protocol negotiation failed connection, you can successfully achieve a downgrade attack, so that the client and the server using the insecure SSL3. 0 communicate, in this case, since the SSL 3.0 use of CBC block encryption implementation vulnerability exists, an attacker can successfully crack the SSL connections encrypt the information, such as access to user cookie data. This attack is called POODL attack(Padding Oracle On Downgraded Legacy Encryption) is.\n\nThis vulnerability affected the vast majority of SSL server and client, the impact of a wide range. But the attacker as to the use of successful, need to be able to control the client and server between the data(perform a MiTM attack).\n\nHow to fix POODLE SSLv3 security vulnerability (CVE-2014-3566) http://www.linuxidc.com/Linux/2014-10/108103.htm\n\n## Recommendations\n\nTemporary workaround:\n\nIf you can not immediately install patches or upgrades, NSFOCUS recommend that you take the following measures to reduce the threat:\n\n * Disable the SSL 3.0 Protocol.\n\nThe current popular browsers, only IE 6.0 still does not support TLS 1.0, disable SSL 3.0 Protocol will affect IE 6 clients SSL access.\n\n## The service end of the Disable method:\n\n### Apache 2. x\n\nIn the mod_ssl configuration file use the following command to disable SSLv2 and SSLv3 with: SSLProtocol All-SSLv2-SSLv3 Restart Apache\n\n### Nginx\n\nIn the configuration file to use: ssl_protocols TLSv1 TLSv1. 1 TLSv1. 2; Restart Nginx\n\n### IIS\n\nFind the following registry key: HKey_Local_Machine\\System\\CurrentControlSet\\Control\\SecurityProviders \\SCHANNEL\\Protocols This registry key usually contains the following sub-items:\n\n * PCT 1.0\n * SSL 2.0\n * SSL 3.0\n * TLS 1.0\n\nEach of the registry entries are reserved for in the Protocol-related information. Can be on the server, disable these protocols in any one. To do this, the Protocol SSL 3.0, the server subkey create a new DWORD Value. The DWORD value is set to\u201c00 00 00 00\u201dit.\n\n## Browser disable method:\n\nIE: \"Tools\" -> \"Internet Options\" -> \"Advanced\", uncheck\"use SSL 3.0\"check box.\n\nChrome:\n\nCopy a usually open Chrome browser shortcuts, the new shortcut on right-click, Go into properties, In the\"target\"behind the spaces in the end of the field, enter the following command --ssl-version-min=tls1\n\nFireFox:\n\nIn the address bar enter\"about:config\", and then the security. tls. version. min adjusted to 1.\n\n### Reference:\n\n * https://www.openssl.org/~bodo/ssl-poodle. pdf\n * http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html \n * https://technet.microsoft.com/en-us/library/security/3009008\n", "published": "2017-02-17T00:00:00", "type": "seebug", "title": "SSL 3.0 POODLE\uff08CVE-2014-3566\uff09", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-3566"], "modified": "2017-02-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-92692", "id": "SSV:92692", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}], "f5": [{"lastseen": "2017-09-18T23:48:31", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "edition": 1, "description": "\nF5 Product Development has assigned ID 481907, ID 484678, ID 484677 (BIG-IP, BIG-IQ, Enterprise Manager), ID 484393 (ARX), ID 484708 (FirePass), and LRS-31601 (LineRate) to this vulnerability, and is currently evaluating the vulnerability status for supported releases. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H484499 on the **Diagnostics** > **Identified** > **High** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\n**Important**: Some releases in the following table have multiple component entries with different vulnerable and non-vulnerable version information.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP AAM | 11.4.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.4.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP AFM | 11.3.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.3.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP Analytics | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP APM | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP ASM | 11.0.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP DNS | None | 12.0.0 | None \n \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0 | None | SSL profiles \nConfiguration utility \n \nBIG-IP GTM | 11.0.0 - 11.6.1 | None | Configuration utility \n \nBIG-IP Link Controller | 11.0.0 - 11.6.1 | 12.0.0 | Configuration utility \n | | | \nBIG-IP PEM | 11.3.0 - 11.4.1 | 12.0.0* \n11.5.0 - 11.6.1* | SSL profiles \n11.3.0 - 11.6.1 | 12.0.0 | Configuration utility \n \nBIG-IP PSM | 11.0.0 - 11.4.1 | None | SSL profiles \nConfiguration utility \n \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 | None | SSL profiles \nConfiguration utility \n \nBIG-IP WOM | 11.0.0 - 11.3.0 | None | SSL profiles \nConfiguration utility \n \nARX | 6.0.0 - 6.4.0 | None | ARX Manager GUI \nAPI (disabled by default) \n \nEnterprise Manager | 3.0.0 - 3.1.1 \n2.0.0 - 2.3.0 | None | Configuration utility \n \nFirePass | 7.0.0 \n6.0.0 - 6.1.0 | None | Administrative interface \nWebServices \n \nBIG-IQ Cloud | 4.0.0 - 4.5.0 | None | Configuration utility \n4.0.0 - 4.5.0 | None | REST API \n \nBIG-IQ Device | 4.2.0 - 4.5.0 | None | Configuration utility \n4.2.0 - 4.5.0 | None | REST API \n \nBIG-IQ Security | 4.0.0 - 4.5.0 | None | Configuration utility \n4.0.0 - 4.5.0 | None | REST API \n \nBIG-IQ ADC | 4.5.0 | None | Configuration utility \n4.5.0 | None | REST API \n \nBIG-IQ Centralized Management | None | 5.0.0 \n4.6.0 | None \n \nBIG-IQ Cloud and Orchestration | None | 1.0.0 | None \n \nF5 iWorkflow | None | 2.0.0 | None \n \nLineRate | 2.2.0 - 2.4.1 \n1.6.0 - 1.6.4 | None | SSL profiles \n \n* SSL profiles that contain the default cipher string (DEFAULT) do not allow SSLv3 connections and are not vulnerable to this CVE. However, if you have modified the **Ciphers** setting for the profile to allow SSLv3, then connections to the virtual server are vulnerable. For information about verifying whether SSLv3 is enabled for the profile, refer to the **Vulnerability Recommended Actions** section.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [BIG-IP, BIG-IQ, and Enterprise Manager](<https://support.f5.com/csp/article/K15702#bigip>)\n * [FirePass](<https://support.f5.com/csp/article/K15702#firepass>)\n * [ARX](<https://support.f5.com/csp/article/K15702#arx>)\n * [LineRate](<https://support.f5.com/csp/article/K15702#linerate>)\n\n**BIG-IP, BIG-IQ, and Enterprise Manager**\n\nSSL profiles\n\nTo mitigate this vulnerability in the SSL profile for the BIG-IP system, you can disable the SSLv3 protocol in the SSL profile by adding **!SSLv3** to the cipher string. For details about how to add this, refer to the following articles:\n\n * [K13171: Configuring the cipher strength for SSL profiles (11.x)](<https://support.f5.com/csp/article/K13171>)\n * [K7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)](<https://support.f5.com/csp/article/K7815>)\n\nConfiguration utility\n\nTo mitigate this vulnerability for the Configuration utility, use the following options:\n\nBIG-IP 11.5.0 - 11.6.1\n\nFor BIG-IP 11.5.0 through 11.6.1, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Note**: Feature enhancements allowing the use of this procedure have also been included in the following software versions: 11.4.1 HF6, 11.4.0 HF9, 11.2.1 HF13, and 10.2.4 HF10.\n\n 1. Log in to the Traffic Management Shell (**tmsh**) by typing the following command: \n\ntmsh\n\n 2. Disable SSLv3 (and SSLv2) by typing the following command: \n\nmodify /sys httpd ssl-protocol \"all -SSLv2 -SSLv3\"\n\n 3. Save the configuration by typing the following command: \n\nsave /sys config\n\nAll BIG-IP versions\n\nFor all BIG-IP versions, F5 recommends that you expose the management access only on trusted networks.\n\nBIG-IQ 4.4.0 and later\n\nFor BIG-IQ 4.4.0 and later, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Impact of procedure**: This procedure restarts the **webd** process and temporarily disrupts traffic to the BIG-IQ system. You should perform this procedure during a maintenance window.\n\n 1. Log in to the BIG-IQ command line.\n 2. Back up a copy of the **/etc/webd/webd.conf** file by typing the following command: \n\ncp -p /etc/webd/webd.conf /var/tmp/webd.conf.sol15702\n\n 3. Edit the **/etc/webd/webd.conf** file using a text editor of your choice.\n 4. Locate the following line in the **/etc/webd/webd.conf** file: \n\nssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;\n\n 5. Remove SSLv2 and SSLv3 from this line. After removal, this line should appear as follows: \n\nssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n\n 6. Save the changes and exit the text editor.\n 7. Restart the **webd** process by typing the following command: \n\ntmsh restart sys service webd\n\n**FirePass**\n\n**Disabling SSLv3 for all FirePass interfaces**\n\n**Impact of procedure**: This procedure restarts services and prevents some connections to the FirePass system. You should perform this procedure during a maintenance window.\n\n 1. Log in to the FirePass Administrator interface.\n 2. Navigate to **Device Management** >** Security** > **User Access Security**.\n 3. Under **SSL Protocol Versions**, click **Accept only TLS protocol** **(incompatible with some browsers)**.\n 4. Under **SSL Ciphers Policy Enforcement**, select the **Reject SSL connection when a non-compliant cipher is used by the client browser **check box.\n 5. To restart services, click \"**click *here* to restart FirePass Services**.\"\n 6. Click **Restart**.\n\n**ARX**\n\nChanging the ARX Manager GUI cipher string (6.2.0 and later)\n\nTo disable SSLv3 for the ARX Manager GUI, perform the following procedure:\n\n**Impact of procedure:** Disabling SSLv3 may prevent some connections to the ARX Manager GUI.\n\n 1. Log in to the ARX Manager GUI.\n 2. Expand **Maintenance**.\n 3. Select **Certificates**.\n 4. Click the tab for **SSL Ciphers**.\n 5. Deselect all SSL ciphers.\n\n**LineRate**\n\nTo mitigate this vulnerability in the SSL profile for the LineRate system, you can disable the SSLv3 protocol in the SSL profile by pre-pending **!SSLv3** to the cipher-list. For details about how to add this, refer to the following article:\n\n * [CVE-2014-3566: Removing SSLv3 from LineRate](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-linerate>)\n\n**Note**: A DevCentral login is required to access this content.\n\n * [K15882: TLS1.x padding vulnerability CVE-2014-8730](<https://support.f5.com/csp/article/K15882>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K10942: Installing OPSWAT hotfixes on BIG-IP APM systems](<https://support.f5.com/csp/article/K10942>)\n**Note**: A DevCentral login is required to access the following content.\n\n * [CVE-2014-3566 POODLE vs CVE-2014-8730 TLS POODLE](<https://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle>)\n * [CVE-2014-3566: Removing SSLv3 from BIG-IP](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip>)\n * [iRule to stop SSLv3 connections](<https://devcentral.f5.com/articles/irule-to-stop-sslv3-connections>)\n * [POODLE and TLS_FALLBACK_SCSV deep dive](<https://devcentral.f5.com/articles/poodle-and-tlsfallbackscsv-deep-dive>)\n * [SSLv3 POODLE mitigation recommendations](<https://devcentral.f5.com/articles/sslv3-poodle-recommendations>)\n", "modified": "2017-09-18T21:31:00", "published": "2014-10-15T05:15:00", "href": "https://support.f5.com/csp/article/K15702", "id": "F5:K15702", "title": "SSLv3 vulnerability CVE-2014-3566", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-12-03T05:27:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566", "CVE-2014-8730"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * BIG-IP, BIG-IQ, and Enterprise Manager\n * FirePass\n * ARX\n * LineRate\n\n**BIG-IP, BIG-IQ, and Enterprise Manager**\n\nSSL profiles\n\nTo mitigate this vulnerability in the SSL profile for the BIG-IP system, you can\u00c2 disable the SSLv3 protocol in the SSL profile by adding **!SSLv3** to the cipher string. For details about how to add this, refer to the following articles:\n\n * SOL13171: Configuring the cipher strength for SSL profiles (11.x)\n * SOL7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)\n\nConfiguration utility\n\nTo mitigate this vulnerability for the Configuration utility use the following options:\n\nBIG-IP 11.5.0 \u00e2\u0080\u0093 11.6.0\n\nFor BIG-IP 11.5.0 \u00e2\u0080\u0093 11.6.0, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Note**: Feature enhancements allowing the use of this procedure have also been included in the following software versions: 11.4.1 HF6, 11.4.0 HF9, 11.2.1 HF13, and 10.2.4 HF10.\n\n 1. Log in to the\u00c2 Traffic Management Shell (**tmsh**) by typing the following command: \n\ntmsh\n\n 2. Disable SSLv3 (and SSLv2) by typing the following command: \n\nmodify /sys httpd ssl-protocol \"all -SSLv2 -SSLv3\"\n\n 3. Save the configuration by typing the following command: \n\nsave /sys config\n\nAll BIG-IP versions\n\nFor all BIG-IP versions, F5 recommends that you expose the management access only on trusted networks.\n\nBIG-IQ 4.4.0 and later\n\nFor BIG-IQ 4.4.0 and later, you can disable the SSLv3 protocol for the Configuration utility by performing the following procedure:\n\n**Impact of procedure**: This procedure will restart the **webd** process and temporarily disrupt traffic to the BIG-IQ system. You should perform this procedure during a maintenance window.\n\n 1. Log in to the BIG-IQ command line.\n 2. Back up a copy of the **/etc/webd/webd.conf** file by typing the following command: \n\ncp -p /etc/webd/webd.conf /var/tmp/webd.conf.sol15702\n\n 3. Edit the **/etc/webd/webd.conf** file using a text editor of your choice.\n 4. Locate the following line in the **/etc/webd/webd.conf** file: \n\nssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;\n\n 5. Remove SSLv2 and SSLv3 from this line. After removal, this line should appear as follows: \n\nssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n\n 6. Save the changes and exit the text editor.\n 7. Restart the **webd** process by typing the following command: \n\ntmsh restart sys service webd\n\n**FirePass**\n\n**Disabling SSLv3 for all FirePass interfaces**\n\n**Impact of procedure**: This procedure will restart services and prevent some connections to the FirePass system.\u00c2 You should perform this procedure during a maintenance window.\n\n 1. Log in to the FirePass Administrator interface.\n 2. Navigate to **Device Management** >** Security** > **User Access Security**.\n 3. Under\u00c2 **SSL Protocol Versions** click **Accept only TLS protocol** **(incompatible with some browsers)**.\n 4. Under **SSL Ciphers Policy Enforcement**, select the **Reject SSL connection when a non-compliant cipher is used by the client browser **check box.\n 5. To restart services, click \"**click *here* to restart FirePass Services**.\"\n 6. Click **Restart**.\n\n**ARX**\n\n**Changing the ARX Manager GUI cipher string (6.2.0 and later)**\n\nTo disable SSLv3 for the ARX Manager GUI, perform the following procedure:\n\n**Impact of procedure:** Disabling SSLv3 may prevent some connections to the ARX Manager GUI.\n\n 1. Log in to the ARX Manager GUI.\n 2. Expand **Maintenance**.\n 3. Select **Certificates**.\n 4. Click the tab for **SSL Ciphers**.\n 5. Deselect all SSL ciphers.\n\n**LineRate**\n\nTo mitigate this vulnerability in the SSL profile for the LineRate system, you can disable the SSLv3 protocol in the SSL profile by pre-pending **!SSLv3** to the cipher-list. For details about how to add this, refer to the following article:\n\n * [CVE-2014-3566: Removing SSLv3 from LineRate](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-linerate>)\n\n**Note**: A DevCentral login is required to access this content.\n\nSupplemental Information\n\n * SOL15882: TLS1.x padding vulnerability CVE-2014-8730\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n**Note**: A DevCentral login is required to access the following content.\n\n * [CVE-2014-3566 POODLE vs CVE-2014-8730 TLS POODLE](<https://devcentral.f5.com/articles/cve-2014-3566-poodle-vs-cve-2014-8730-tls-poodle>)\n * [CVE-2014-3566: Removing SSLv3 from BIG-IP](<https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip>)\n * [iRule to stop SSLv3 connections](<https://devcentral.f5.com/articles/irule-to-stop-sslv3-connections>)\n * [POODLE and TLS_FALLBACK_SCSV deep dive](<https://devcentral.f5.com/articles/poodle-and-tlsfallbackscsv-deep-dive>)\n * [SSLv3 POODLE mitigation recommendations](<https://devcentral.f5.com/articles/sslv3-poodle-recommendations>)\n", "modified": "2016-07-29T00:00:00", "published": "2014-10-14T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15702.html", "id": "SOL15702", "title": "SOL15702 - SSLv3 vulnerability CVE-2014-3566", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:15", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "\nMicka\u00c3\u00abl Guessant reports:\n\nDavMail 4.6.0 released\nEnhancements: Fix potential CVE-2014-3566 vulnerability.\n\n", "edition": 4, "modified": "2014-10-27T00:00:00", "published": "2014-10-27T00:00:00", "id": "384FC0B2-0144-11E5-8FDA-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/384fc0b2-0144-11e5-8fda-002590263bf5.html", "title": "davmail -- fix potential CVE-2014-3566 vulnerability (POODLE)", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:41", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566", "CVE-2014-3356"], "description": "CVE-2014-3566 SSLV3 POODLE\n\n# \n\nModerate\n\n# Vendor\n\nThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i\n\n# Versions Affected\n\n * SSLv3 \n\n# Description\n\nSSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346] and TLS 1.2 [RFC5246], many TLS implementations remain backwards \u00adcompatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience.\n\nThe protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used. However, even if a client and server both support a version of TLS, the security level offered by SSL 3.0 is still relevant since many clients implement a protocol downgrade dance to work around server\u00adside interoperability bugs. Attackers can exploit the downgrade dance and break the cryptographic security of SSL 3.0. Our POODLE attack (Padding Oracle On Downgraded Legacy Encryption) will allow them, for example, to steal \u201csecure\u201d HTTP cookies (or other bearer tokens such as HTTP Authorization header contents).\n\n# Affected Products and Versions\n\n_Severity is moderate unless otherwise noted. \n_\n\n * BOSH: All versions of Cloud Foundry BOSH stemcells 2743 and prior use SSLv3 and thus are vulnerable to CVE-2014-3356 \n * tc Server 2.9.0 to 2.9.7 and 3.0.0 to 3.0.1. Previous, unsupported tc Server versions may also be affected. \n\n# Mitigation\n\nThe Cloud Foundry project recommends that HAProxy or any other ELBs is use be updated to disable SSLv3 as a workaround that resolves CVE-2014-3566.\n\nThe details published by the Apache Software Foundation for [mitigating this attack for Apache Tomcat](<https://wiki.apache.org/tomcat/Security/POODLE>) apply equally to tc Runtime instances. The tc Server team is tracking the work of the Apache Tomcat project to release versions of Apache Tomcat that disable SSLv3 by default. tc Server releases will follow the releases from the Apache Software Foundation.\n\n# Credit\n\nGoogle researchers Bodo M\u00f6ller, Thai Duong and Krzysztof Kotowicz released a [paper](<https://www.openssl.org/~bodo/ssl-poodle.pdf>) discussing a serious bug in SSL 3.0 that allows attackers to conduct man-in-the-middle attacks and decrypt the traffic between Web servers and end users.\n\n# References\n\n * <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566>\n * <https://www.openssl.org/~bodo/ssl-poodle.pdf>\n * <http://boshartifacts.cloudfoundry.org/file_collections?type=stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n * <https://wiki.apache.org/tomcat/Security/POODLE>\n\n# History\n\n2014-Oct-16: Initial vulnerability report published.\n\n2013-Nov-03: Updated to include tc Server information\n", "edition": 5, "modified": "2014-10-16T00:00:00", "published": "2014-10-16T00:00:00", "id": "CFOUNDRY:ACE3C7E4A01EEFAC1C8D47279076DC77", "href": "https://www.cloudfoundry.org/blog/cve-2014-3566/", "title": "CVE-2014-3566 SSLV3 POODLE | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "citrix": [{"lastseen": "2020-11-18T15:29:34", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566"], "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" data-swapid=\"ContentBlock\"><div>\n<div>\n<h2> Description of Problem</h2>\n<div>\n<div>\n<div>\n<p>The recently disclosed protocol flaw in SSLv3, referred to as CVE-2014-3566 (<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566</a>) or POODLE, could expose some deployments that support SSLv3 to a risk of an active Man in the Middle (MITM) attack. A successful attack could lead to the disclosure of the information that is being sent over the encrypted channel.</p>\n<p>Considering the mitigating factors described below, Citrix does not consider this to be a high risk vulnerability. However, Citrix recommends that customers review their usage of SSLv3 and take steps to reconfigure their deployments to remove support for SSLv3 where appropriate.</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Mitigating Factors</h2>\n<div>\n<div>\n<div>\n<p>Customers should consider the following mitigating factors when assessing the risks posed by this issue:</p>\n<ul>\n<li>In order to exploit this issue, a network-based attacker would need to be in a position to inject selected plain text into the encrypted channel. A typical scenario would be where a malicious script running inside a web browser is able to send data through the SSLv3 encrypted channel. </li>\n<li>A typical exploit would require a relatively high volume of malicious traffic to extract a small quantity of data from the SSLv3 encrypted channel.</li>\n<li>Customers using deployments configured to be FIPS 140-2 compliant would typically not be affected by this issue as SSLv3 should not be enabled.</li>\n</ul>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> What Customers Should Do</h2>\n<div>\n<div>\n<div>\n<p>The following sections provide guidance on configuring SSLv3 support for relevant Citrix products, additional sections will be added as our analysis progresses. Customers requiring further assistance should refer to the documentation for their products or contact their normal Citrix Support representative. Product documentation is available on the Citrix website at the following address: <a href=\"http://support.citrix.com/proddocs/topic/infocenter/ic-how-to-use.html\">http://support.citrix.com/proddocs/topic/infocenter/ic-how-to-use.html</a></p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix NetScaler ADC and NetScaler Gateway</h2>\n<div>\n<div>\n<div>\n<p>Customers should note that some scanning tools may report the TLS and DTLS Padding Validation Vulnerability described in CTX200378 as the \u201cPOODLE\u201d or \u201cTLS POODLE\u201d vulnerability. If these issues are still being reported when SSLv3 has been disabled please refer to CTX200378 for guidance.<br/> </p>\n<p> <b>NetScaler vServers:</b></p>\n<p>To disable SSLv3 on a specific vServer, run the following command from the NSCLI:</p>\n<p> <i>set ssl vserver <vservername> -ssl3 disabled</i></p>\n<p> <b>NetScaler Management Interfaces:</b></p>\n<p>To disable SSLv3 on the NetScaler management interface, run the following commands from the NSCLI:</p>\n<p> <i>set ssl service nshttps-127.0.0.1-443 -ssl3 disabled</i></p>\n<p> <b>NetScaler Management Interfaces on the MIP/SNIP:</b></p>\n<p>To disable SSLv3 on the MIP/SNIP, identify the internal service names by running the following command from the NSCLI for each IP address:</p>\n<p> <i>show service \u2013internal | grep <IP></i></p>\n<p>SSLv3 can then be disabled for each IP address using the following NSCLI command:</p>\n<p> <i>set ssl service <internal service name for that ip> -ssl3 disabled</i></p>\n<p>Note that, after these commands have been run, the NetScaler configuration should be saved with the NSCLI command \"<i>save config</i>\" so that the changes persist across appliance reboots. As with all configuration changes, Citrix recommends that these changes are validated within a test environment prior to deploying to a production environment.</p>\n<p>Customers requiring further assistance should refer to the documentation for their products or contact their normal Citrix Support representative.</p>\n<p> <b>NetScaler Service Delivery Appliances</b></p>\n<p>Customers using NetScaler Service Delivery Appliance service VM are affected by this vulnerability. To address this issue, customers should upgrade their Service Delivery Appliances to the following versions:</p>\n<ul>\n<li>10.5 Build 54.9 and later</li>\n<li>10.5 Build 54.9009.e and later</li>\n<li>10.1 Build 131.1 and later</li>\n<li>10.1 Build 130.1302.e and later</li>\n</ul>\n<div>\n These new versions are available on the Citrix website at the following address: \n </div>\n<div>\n<a href=\"https://www.citrix.com/content/citrix/en_us/downloads/netscaler-adc.html\">https://www.citrix.com/content/citrix/en_us/downloads/netscaler-adc.html</a>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Command Center</h2>\n<div>\n<div>\n<div>\n<p>Customers using Command Center are affected by this vulnerability. To address this issue, customers should upgrade their Command Center deployment to the following versions:</p>\n<ul>\n<li>5.2 Build 43.19 and later</li>\n<li>5.1 Build 36.7 and later</li>\n</ul>\n<div>\n These new versions are available on the Citrix website at the following address: \n <a href=\"https://www.citrix.com/downloads/command-center.html\">https://www.citrix.com/downloads/command-center.html</a>\n</div>\n<div>\n</div>\n<div>\n Once upgraded, customers wishing to disable SSLv3 should then make this change in the Command Center user interface. \n </div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix Secure Gateway & SSL Relay</h2>\n<div>\n<div>\n<div>\n<p>Information on how to configure supported versions of Citrix Secure Gateway can be found in the product documentation. This is available on the Citrix website at the following address:</p>\n<p> <a href=\"https://docs.citrix.com/en-us/xenapp-and-xendesktop/xenapp-6-5/xenapp65-w2k8-wrapper/sg-presentation-server-v2/sg-configuring-sg-v2.html\">https://docs.citrix.com/en-us/xenapp-and-xendesktop/xenapp-6-5/xenapp65-w2k8-wrapper/sg-presentation-server-v2/sg-configuring-sg-v2.html</a></p>\n<p>It is possible to configure the protocol versions used by the internal SSL Relay component under the \"Connection\" tab of the configuration utility. Further information on this can be found in the product documentation at the following address: </p>\n<p> <a href=\"http://support.citrix.com/servlet/KbServlet/download/12606-102-16435/Administrators_Guide.pdf\">http://support.citrix.com/servlet/KbServlet/download/12606-102-16435/Administrators_Guide.pdf</a></p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix Web Interface & Storefront</h2>\n<div>\n<div>\n<div>\n<p>Information on how to configure the use of cryptographic protocols on the underlying Microsoft web server can be found at the following location:</p>\n<p> <a href=\"http://support.microsoft.com/kb/245030\">http://support.microsoft.com/kb/245030</a></p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix XenMobile</h2>\n<div>\n<div>\n<div>\n<p>Customers wishing to configure their XenMobile Device Manager (XDM) deployments to prevent the use of SSLv3 can make the following changes:</p>\n<ul>\n<li>Open the XDM tomcat configuration file server.xml for editing. The default installation location is c:\\program files (x86)\\Citrix\\XenMobile Device Manager\\tomcat\\conf\\server.xml </li>\n<li>Add the following line to https connector. Note: The default ports for the https connector are 443 and 8443:<br/> <br/> <i>sslEnabledProtocols=\"TLSv1.2,TLSv1.1,TLSv1\"</i> <br/> <span> <br/> </span></li>\n<li> <span>Save the configuration file and restart XDM</span> <br/> </li>\n</ul>\n<div>\n</div>\n<div>\n Customers using a combined NetScaler and XenMobile deployment should refer to the NetScaler guidance in this document for information on configuring their NetScaler appliances. \n </div>\n<div>\n</div>\n<div>\n Customers using Citrix AppController 9.0 should download the patch for their products available at the following location: \n </div>\n<div>\n<a href=\"https://support.citrix.com/article/CTX142031\">https://support.citrix.com/article/CTX142031</a>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix CloudPortal Business Manager</h2>\n<div>\n<div>\n<div>\n<p>Information on how to configure the use of cryptographic protocols on the underlying web server can be found at the following location:</p>\n<p> <a href=\"http://support.citrix.com/proddocs/topic/cpbm-23-map/cpbm-install.html\">http://support.citrix.com/proddocs/topic/cpbm-23-map/cpbm-install.html</a></p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix SaaS Solutions</h2>\n<div>\n<div>\n<div>\n<p>The following Citrix SaaS Solutions products are vulnerable to this issue:</p>\n<ul>\n<li>GoToMeeting</li>\n<li>GoToTraining</li>\n<li>GoToWebinar</li>\n<li>GoToAssist</li>\n<li>OpenVoice</li>\n<li>Citrix Labs Products (GoToMeet.me)</li>\n</ul>\n<p>Citrix is actively working to address this issue and further information will be added to the document as it becomes available.</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix XenMobile and App Controller</h2>\n<div>\n<div>\n<div>\n<p>A patch for affected versions of Citrix AppController has been released that address this vulnerability. This patch is available on the Citrix website at the following address:</p>\n<p> <a href=\"https://support.citrix.com/article/CTX142031\">https://support.citrix.com/article/CTX142031</a></p>\n<p>Citrix recommends that customers using affected versions of App Controller apply this patch to their appliances as soon as their patching schedule allows.</p>\n<p>Citrix XenMobile & App Controller 10 are not affected by this vulnerability</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix VDI-In-A-Box</h2>\n<div>\n<div>\n<div>\n<p>The following versions of Citrix VDI-In-A-Box (VIAB) are impacted by this vulnerability:</p>\n<p>Citrix VDI-In-A-Box 5.4.x: A new version of VIAB, 5.4.5, has been released to address this issue. This can be found at the following address: <a href=\"https://www.citrix.com/downloads/vdi-in-a-box/product-software/vdi-in-a-box-54.html\">https://www.citrix.com/downloads/vdi-in-a-box/product-software/vdi-in-a-box-54.html</a></p>\n<p>Citrix VDI-In-A-Box 5.3.x: A new version of VIAB, 5.3.10, has been released to address this vulnerability. This can be found at the following address: <a href=\"https://www.citrix.com/downloads/vdi-in-a-box/product-software/vdi-in-a-box-53.html\">https://www.citrix.com/downloads/vdi-in-a-box/product-software/vdi-in-a-box-53.html</a></p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix CloudPlatform</h2>\n<div>\n<div>\n<div>\n<p>In configurations where CloudPlatform has been configured to use HTTPS to provide secure communication to the management server, Citrix recommends that customers consider disabling SSLv3. Information on how to configure the underlying webserver to support TLS only can be found in the following article: <a href=\"http://support.citrix.com/article/CTX132008\">http://support.citrix.com/article/CTX132008</a></p>\n<p>Citrix recommends that customers using affected versions of CloudPlatform update their SystemVM ISOs and upgrade their system and router virtual machine templates to the latest version. Information on how to obtain and carry out these updates can be found in the following articles:</p>\n<ul>\n<li>Updating the CloudPlatform SystemVM ISO: <a href=\"https://support.citrix.com/article/CTX200459\">https://support.citrix.com/article/CTX200459</a></li>\n<li>Upgrading CloudPlatform system and router virtual machine templates: <a href=\"https://support.citrix.com/article/CTX200024\">https://support.citrix.com/article/CTX200024</a></li>\n</ul>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Citrix Licensing</h2>\n<div>\n<div>\n<div>\n<p>License Server for Windows:</p>\n<p>When configured to use SSL, the License Server for Windows is impacted by this vulnerability. To disable SSLv3 on License Server for Windows, please see the following article: <a href=\"https://support.citrix.com/article/CTX200265\">https://support.citrix.com/article/CTX200265</a></p>\n<p>License Server VPX:</p>\n<p>SSLv3 is disabled in version 11.12.1 and later of the License Server VPX. Citrix recommends that customers upgrade to version 11.12.1 and later to address this issue. This version can be found at the following address: <a href=\"http://www.citrix.com/downloads/licensing.html\">http://www.citrix.com/downloads/licensing.html</a></p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> What Citrix is Doing</h2>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Obtaining Support on This Issue</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Reporting Security Vulnerabilities</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Changelog</h2>\n<div>\n<div>\n<div>\n<table width=\"100%\">\n<tbody>\n<tr>\n<td colspan=\"1\" rowspan=\"1\" width=\"150\"><b>Date</b></td>\n<td colspan=\"1\" rowspan=\"1\"><b>Change</b></td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">October 15th 2014</td>\n<td colspan=\"1\" rowspan=\"1\">Initial bulletin published</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">October 16th 2014</td>\n<td colspan=\"1\" rowspan=\"1\">Secure Gateway configuration added</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">October 20th 2014</td>\n<td colspan=\"1\" rowspan=\"1\">SSL Relay, Web Interface/Storefront and XenMobile configuration added</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">November 7th 2014</td>\n<td colspan=\"1\" rowspan=\"1\">CloudPortal Business Manager section added</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">November 13th 2014</td>\n<td colspan=\"1\" rowspan=\"1\">SaaS Solutions section added</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">February 2nd 2015</td>\n<td colspan=\"1\" rowspan=\"1\">XenMobile App Controller section added</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">February 25th 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Addition of VDI-In-A-Box section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">March 4th 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Addition of CloudPlatform section, change to XenMobile section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">March 18th 2015</td>\n<td colspan=\"1\" rowspan=\"1\">VDI-In-A-Box section updated</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">April 8th 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Update to Secure Gateway & SSL Relay section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">April 28th 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Update to NetScaler section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">May 21st 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Addition of Licensing section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">July 7th 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Update to SaaS Solutions section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">September 1st 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Update to NetScaler section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">September 8th 2015</td>\n<td colspan=\"1\" rowspan=\"1\">Addition of Command Center section</td>\n</tr>\n<tr>\n<td colspan=\"1\" rowspan=\"1\">March 22nd 2016</td>\n<td colspan=\"1\" rowspan=\"1\">Updated link in Citrix Secure Gateway & SSL Relay section</td>\n</tr>\n</tbody>\n</table>\n</div>\n</div>\n</div>\n</div>\n</div></div>\n</section>", "edition": 2, "modified": "2019-08-15T04:00:00", "published": "2014-10-14T04:00:00", "id": "CTX200238", "href": "https://support.citrix.com/article/CTX200238", "title": "CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw", "type": "citrix", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-01-07T10:41:23", "description": "Mickael Guessant reports :\n\nDavMail 4.6.0 released\n\nEnhancements: Fix potential CVE-2014-3566 vulnerability.", "edition": 23, "cvss3": {"score": 3.4, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}, "published": "2015-05-26T00:00:00", "title": "FreeBSD : davmail -- fix potential CVE-2014-3566 vulnerability (POODLE) (384fc0b2-0144-11e5-8fda-002590263bf5) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2015-05-26T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:davmail"], "id": "FREEBSD_PKG_384FC0B2014411E58FDA002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/83794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83794);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3566\");\n\n script_name(english:\"FreeBSD : davmail -- fix potential CVE-2014-3566 vulnerability (POODLE) (384fc0b2-0144-11e5-8fda-002590263bf5) (POODLE)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mickael Guessant reports :\n\nDavMail 4.6.0 released\n\nEnhancements: Fix potential CVE-2014-3566 vulnerability.\"\n );\n # http://sourceforge.net/p/davmail/mailman/message/33279118/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://sourceforge.net/p/davmail/mailman/message/33279118/\"\n );\n # http://sourceforge.net/p/davmail/code/2322/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://sourceforge.net/p/davmail/code/2322/\"\n );\n # https://vuxml.freebsd.org/freebsd/384fc0b2-0144-11e5-8fda-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e12e2b0a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:davmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"davmail<4.6.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T09:17:43", "description": "A man-in-the-middle (MitM) information disclosure vulnerability,\nknown as POODLE, exists due to the way SSL 3.0 handles padding bytes\nwhen decrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A MitM attacker can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.", "edition": 30, "published": "2015-06-19T00:00:00", "title": "AIX 7.1 TL 2 : nettcp (IV73418) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2015-06-19T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV73418.NASL", "href": "https://www.tenable.com/plugins/nessus/84270", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84270);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"AIX 7.1 TL 2 : nettcp (IV73418) (POODLE)\");\n script_summary(english:\"Check for APAR IV73418 or APAR IV75645.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host is missing a security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A man-in-the-middle (MitM) information disclosure vulnerability,\nknown as POODLE, exists due to the way SSL 3.0 handles padding bytes\nwhen decrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A MitM attacker can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/19\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\", \"Host/AIX/oslevelsp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\noslevel = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevel, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevelparts[0] != \"7100\" || oslevelparts[1] != \"02\" || oslevelparts[2] != \"06\" ) audit(AUDIT_OS_NOT, \"AIX 7100-02-06\", \"AIX \" + oslevel);\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"02\", sp:\"06\", patch:\"(IV73418s6a|IV75645m6a)\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.2.19\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"02\", sp:\"06\", patch:\"(IV73418s6a|IV75645m6a)\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.2.18\") < 0) flag++;\n\nif (flag)\n{\n aix_report_extra = ereg_replace(string:aix_report_get(), pattern:\"[()]\", replace:\"\");\n aix_report_extra = ereg_replace(string:aix_report_extra, pattern:\"[|]\", replace:\" or \");\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_extra);\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.net.tcp.client / bos.net.tcp.server\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T09:17:43", "description": "A man-in-the-middle (MitM) information disclosure vulnerability,\nknown as POODLE, exists due to the way SSL 3.0 handles padding bytes\nwhen decrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A MitM attacker can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.", "edition": 30, "published": "2015-06-19T00:00:00", "title": "AIX 7.1 TL 2 : nettcp (IV73319) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2015-06-19T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV73319.NASL", "href": "https://www.tenable.com/plugins/nessus/84266", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84266);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"AIX 7.1 TL 2 : nettcp (IV73319) (POODLE)\");\n script_summary(english:\"Check for APAR IV73319 or APAR IV75645.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host is missing a security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A man-in-the-middle (MitM) information disclosure vulnerability,\nknown as POODLE, exists due to the way SSL 3.0 handles padding bytes\nwhen decrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A MitM attacker can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/19\");\n\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\", \"Host/AIX/oslevelsp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\noslevel = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevel, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevelparts[0] != \"7100\" || oslevelparts[1] != \"02\" || oslevelparts[2] != \"06\" ) audit(AUDIT_OS_NOT, \"AIX 7100-02-06\", \"AIX \" + oslevel);\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"02\", sp:\"06\", patch:\"(IV73319s6a|IV75645m6a)\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.2.19\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"02\", sp:\"06\", patch:\"(IV73319s6a|IV75645m6a)\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.2.18\") < 0) flag++;\n\nif (flag)\n{\n aix_report_extra = ereg_replace(string:aix_report_get(), pattern:\"[()]\", replace:\"\");\n aix_report_extra = ereg_replace(string:aix_report_extra, pattern:\"[|]\", replace:\" or \");\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_extra);\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.net.tcp.client / bos.net.tcp.server\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T13:23:22", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - xend: disable sslv3 due to (CVE-2014-3566)", "edition": 30, "cvss3": {"score": 3.4, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}, "published": "2014-11-26T00:00:00", "title": "OracleVM 3.3 : xen (OVMSA-2014-0038) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2014-11-26T00:00:00", "cpe": ["cpe:/o:oracle:vm_server:3.3", "p-cpe:/a:oracle:vm:xen", "p-cpe:/a:oracle:vm:xen-tools"], "id": "ORACLEVM_OVMSA-2014-0038.NASL", "href": "https://www.tenable.com/plugins/nessus/79553", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2014-0038.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79553);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n\n script_name(english:\"OracleVM 3.3 : xen (OVMSA-2014-0038) (POODLE)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - xend: disable sslv3 due to (CVE-2014-3566)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2014-November/000239.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3b9133e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"xen-4.3.0-55.el6.0.5\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"xen-tools-4.3.0-55.el6.0.5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:12:09", "description": " - Mon Oct 20 2014 Jeffrey C. Ollie <jeff at ocjtech.us> -\n 11.13.1-1 The Asterisk Development Team has announced\n security releases for Certified Asterisk 1.8.28 and 11.6\n and Asterisk 1.8, 11, 12, and 13. The available security\n releases are released as versions 1.8.28-cert2,\n 11.6-cert7, 1.8.31.1, 11.13.1, 12.6.1, and 13.0.0-beta3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of these versions resolves the following security\nvulnerability :\n\n - AST-2014-011: Asterisk Susceptibility to POODLE\n Vulnerability\n\n Asterisk is susceptible to the POODLE vulnerability in\n two ways: 1) The res_jabber and res_xmpp module both use\n SSLv3 exclusively for their encrypted connections. 2)\n The core TLS handling in Asterisk, which is used by the\n chan_sip channel driver, Asterisk Manager Interface\n (AMI), and Asterisk HTTP Server, by default allow a TLS\n connection to fallback to SSLv3. This allows for a MITM\n to potentially force a connection to fallback to SSLv3,\n exposing it to the POODLE vulnerability.\n\n These issues have been resolved in the versions released\n in conjunction with this security advisory.\n\nFor more information about the details of this vulnerability, please\nread security advisory AST-2014-011, which was released at the same\ntime as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.28-cert2\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-11.6-cert7\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.31.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-11.13.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-12.6.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-13.0.0-beta3\n\nThe security advisory is available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2014-011.\n pdf\n\n - Mon Oct 20 2014 Jeffrey C. Ollie <jeff at ocjtech.us> -\n 11.13.0-1 The Asterisk Development Team has announced\n the release of Asterisk 11.13.0. This release is\n available for immediate download at\n http://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 11.13.0 resolves several issues reported by\nthe community and would have not been possible without your\nparticipation. Thank you!\n\nThe following are the issues resolved in this release :\n\nBugs fixed in this release :\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 6.8, "vector": "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}, "published": "2014-11-03T00:00:00", "title": "Fedora 21 : asterisk-11.13.1-1.fc21 (2014-13399) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2014-11-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:21", "p-cpe:/a:fedoraproject:fedora:asterisk"], "id": "FEDORA_2014-13399.NASL", "href": "https://www.tenable.com/plugins/nessus/78804", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-13399.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78804);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_xref(name:\"FEDORA\", value:\"2014-13399\");\n\n script_name(english:\"Fedora 21 : asterisk-11.13.1-1.fc21 (2014-13399) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Mon Oct 20 2014 Jeffrey C. Ollie <jeff at ocjtech.us> -\n 11.13.1-1 The Asterisk Development Team has announced\n security releases for Certified Asterisk 1.8.28 and 11.6\n and Asterisk 1.8, 11, 12, and 13. The available security\n releases are released as versions 1.8.28-cert2,\n 11.6-cert7, 1.8.31.1, 11.13.1, 12.6.1, and 13.0.0-beta3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of these versions resolves the following security\nvulnerability :\n\n - AST-2014-011: Asterisk Susceptibility to POODLE\n Vulnerability\n\n Asterisk is susceptible to the POODLE vulnerability in\n two ways: 1) The res_jabber and res_xmpp module both use\n SSLv3 exclusively for their encrypted connections. 2)\n The core TLS handling in Asterisk, which is used by the\n chan_sip channel driver, Asterisk Manager Interface\n (AMI), and Asterisk HTTP Server, by default allow a TLS\n connection to fallback to SSLv3. This allows for a MITM\n to potentially force a connection to fallback to SSLv3,\n exposing it to the POODLE vulnerability.\n\n These issues have been resolved in the versions released\n in conjunction with this security advisory.\n\nFor more information about the details of this vulnerability, please\nread security advisory AST-2014-011, which was released at the same\ntime as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.28-cert2\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-11.6-cert7\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.31.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-11.13.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-12.6.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-13.0.0-beta3\n\nThe security advisory is available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2014-011.\n pdf\n\n - Mon Oct 20 2014 Jeffrey C. Ollie <jeff at ocjtech.us> -\n 11.13.0-1 The Asterisk Development Team has announced\n the release of Asterisk 11.13.0. This release is\n available for immediate download at\n http://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 11.13.0 resolves several issues reported by\nthe community and would have not been possible without your\nparticipation. Thank you!\n\nThe following are the issues resolved in this release :\n\nBugs fixed in this release :\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2014-011.pdf\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/releases/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.31.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37c37e48\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.13.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?31a540f8\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.6.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8aaea28d\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.0-beta3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3d5c3c6\"\n );\n # http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.28-cert2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a2f1c54\"\n );\n # http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert7\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3fe11d8f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1154894\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142089.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?344079a1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/03\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"asterisk-11.13.1-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-03-01T03:45:19", "description": "The remote host has a version of Cisco AnyConnect prior to 3.1(5187).\nIt is, therefore, affected by an information disclosure vulnerability\nknown as POODLE. The vulnerability is due to the way SSL 3.0 handles\npadding bytes when decrypting messages encrypted using block ciphers\nin cipher block chaining (CBC) mode. A MitM attacker can decrypt a\nselected byte of a cipher text in as few as 256 tries if they are able\nto force a victim application to repeatedly send the same data over\nnewly created SSL 3.0 connections.", "edition": 25, "published": "2014-10-24T00:00:00", "title": "Mac OS X : Cisco AnyConnect Secure Mobility Client < 3.1(5187) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:cisco:anyconnect_secure_mobility_client"], "id": "MACOSX_CISCO_ANYCONNECT_3_1_5187.NASL", "href": "https://www.tenable.com/plugins/nessus/78677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78677);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20141015-poodle\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCur27617\");\n\n script_name(english:\"Mac OS X : Cisco AnyConnect Secure Mobility Client < 3.1(5187) (POODLE)\");\n script_summary(english:\"Checks the version of the Cisco AnyConnect client.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host has a version of Cisco AnyConnect prior to 3.1(5187).\nIt is, therefore, affected by an information disclosure vulnerability\nknown as POODLE. The vulnerability is due to the way SSL 3.0 handles\npadding bytes when decrypting messages encrypted using block ciphers\nin cipher block chaining (CBC) mode. A MitM attacker can decrypt a\nselected byte of a cipher text in as few as 256 tries if they are able\nto force a victim application to repeatedly send the same data over\nnewly created SSL 3.0 connections.\");\n # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7453d3be\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20141015.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Cisco AnyConnect Secure Mobility Client 3.1(5187) or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cisco:anyconnect_secure_mobility_client\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_cisco_anyconnect_installed.nasl\");\n script_require_keys(\"installed_sw/Cisco AnyConnect Secure Mobility Client\", \"Host/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nget_kb_item_or_exit(\"Host/MacOSX/Version\");\n\nappname = \"Cisco AnyConnect Secure Mobility Client\";\n\ninstall = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);\npath = install['path'];\nver = install['version'];\n\nfix = '3.1.5187';\nfix_display = fix + ' (3.1(5187))';\n\nif (ver_compare(ver:ver, fix:fix, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report +=\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix_display +\n '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, appname, ver, path);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:12:11", "description": "New features :\n\n - Send list of compliance reasons on dbus\n\n - Added client-side support for --matches on the list\n command.\n\nSecurity :\n\n - 1153375: Support TLSv1.2 and v1.1 by default.\n (CVE-2014-3566)\n\nBug fixes :\n\n - 1120772: Don't traceback on missing /ostree/repo\n\n - 1094747: add appdata metdata file\n\n - 1122107: Clarify registration --consumerid option in\n manpage.\n\n - 1151925: Improved filtered listing output when results\n are empty.\n\n - 990183: Add a manpage for rhsm.conf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2014-11-07T00:00:00", "title": "Fedora 19 : python-rhsm-1.13.6-1.fc19 (2014-13794)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2014-11-07T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:python-rhsm"], "id": "FEDORA_2014-13794.NASL", "href": "https://www.tenable.com/plugins/nessus/78906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-13794.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78906);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(70574);\n script_xref(name:\"FEDORA\", value:\"2014-13794\");\n\n script_name(english:\"Fedora 19 : python-rhsm-1.13.6-1.fc19 (2014-13794)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New features :\n\n - Send list of compliance reasons on dbus\n\n - Added client-side support for --matches on the list\n command.\n\nSecurity :\n\n - 1153375: Support TLSv1.2 and v1.1 by default.\n (CVE-2014-3566)\n\nBug fixes :\n\n - 1120772: Don't traceback on missing /ostree/repo\n\n - 1094747: add appdata metdata file\n\n - 1122107: Clarify registration --consumerid option in\n manpage.\n\n - 1151925: Improved filtered listing output when results\n are empty.\n\n - 990183: Add a manpage for rhsm.conf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142743.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?600f5266\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python-rhsm package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-rhsm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"python-rhsm-1.13.6-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-rhsm\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-03-01T01:25:11", "description": "According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host is potentially affected by an error related\nto the way SSL 3.0 handles padding bytes when decrypting messages\nencrypted using block ciphers in cipher block chaining (CBC) mode. A\nman-in-the-middle attacker can decrypt a selected byte of a cipher\ntext in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections. This is also known as the 'POODLE' issue.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 27, "published": "2014-10-22T00:00:00", "title": "Asterisk Information Disclosure (AST-2014-011) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:digium:asterisk"], "id": "ASTERISK_AST_2014_011.NASL", "href": "https://www.tenable.com/plugins/nessus/78623", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78623);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"Asterisk Information Disclosure (AST-2014-011) (POODLE)\");\n script_summary(english:\"Checks the version in the SIP banner.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A telephony application running on the remote host is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host is potentially affected by an error related\nto the way SSL 3.0 handles padding bytes when decrypting messages\nencrypted using block ciphers in cipher block chaining (CBC) mode. A\nman-in-the-middle attacker can decrypt a selected byte of a cipher\ntext in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections. This is also known as the 'POODLE' issue.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Asterisk 1.8.31.1 / 11.13.1 / 12.6.1 / 1.8.28-cert2 /\n11.6-cert7 or apply the appropriate patch listed in the Asterisk\nadvisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2014-011.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://issues.asterisk.org/jira/browse/ASTERISK-24425\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20141015.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/vulnerabilities.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/22\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:digium:asterisk\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"asterisk_detection.nasl\");\n script_require_keys(\"asterisk/sip_detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"asterisk/sip_detected\");\n\nasterisk_kbs = get_kb_list_or_exit(\"sip/asterisk/*/version\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nis_vuln = FALSE;\nnot_vuln_installs = make_list();\nerrors = make_list();\n\nforeach kb_name (keys(asterisk_kbs))\n{\n vulnerable = 0;\n\n matches = eregmatch(pattern:\"/(udp|tcp)/([0-9]+)/version\", string:kb_name);\n if (isnull(matches))\n {\n errors = make_list(errors, \"Unexpected error parsing port number from '\"+kb_name+\"'.\");\n continue;\n }\n\n proto = matches[1];\n port = matches[2];\n version = asterisk_kbs[kb_name];\n\n if (version == 'unknown')\n {\n errors = make_list(errors, \"Unable to obtain version of install on \" + proto + \"/\" + port + \".\");\n continue;\n }\n\n banner = get_kb_item(\"sip/asterisk/\" + proto + \"/\" + port + \"/source\");\n if (!banner)\n {\n # We have version but banner is missing;\n # log error and use in version-check though.\n errors = make_list(errors, \"KB item 'sip/asterisk/\" + proto + \"/\" + port + \"/source' is missing.\");\n banner = 'unknown';\n }\n\n # Open Source 1.8.x < 1.8.31.1\n if (version =~ \"^1\\.8([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"1.8.31.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Open Source 11.x < 11.13.1\n else if (version =~ \"^11([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"11.13.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Open Source 12.x < 12.6.1\n else if (version =~ \"^12\\.\" && \"cert\" >!< tolower(version))\n {\n fixed = \"12.6.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 1.8.28-certx < 1.8.28-cert2\n else if (version =~ \"^1\\.8\\.28([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"1.8.28-cert2\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 11.6-certx < 11.6-cert7\n else if (version =~ \"^11\\.6([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"11.6-cert7\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n if (vulnerable < 0)\n {\n is_vuln = TRUE;\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed + '\\n';\n security_warning(port:port, proto:proto, extra:report);\n }\n else security_warning(port:port, proto:proto);\n }\n else not_vuln_installs = make_list(not_vuln_installs, version + \" on port \" + proto + \"/\" + port);\n}\n\nif (max_index(errors))\n{\n if (max_index(errors) == 1) errmsg = errors[0];\n else errmsg = 'Errors were encountered verifying installs : \\n ' + join(errors, sep:'\\n ');\n\n exit(1, errmsg);\n}\nelse\n{\n installs = max_index(not_vuln_installs);\n if (installs == 0)\n {\n if (is_vuln) exit(0);\n else audit(AUDIT_NOT_INST, \"Asterisk\");\n }\n else if (installs == 1) audit(AUDIT_INST_VER_NOT_VULN, \"Asterisk \" + not_vuln_installs[0]);\n else exit(0, \"The Asterisk installs (\" + join(not_vuln_installs, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-09-14T18:33:35", "description": "The remote host is affected by a man-in-the-middle (MitM) information\ndisclosure vulnerability known as POODLE. The vulnerability is due to\nthe way SSL 3.0 handles padding bytes when decrypting messages\nencrypted using block ciphers in cipher block chaining (CBC) mode.\nMitM attackers can decrypt a selected byte of a cipher text in as few\nas 256 tries if they are able to force a victim application to\nrepeatedly send the same data over newly created SSL 3.0 connections.\n\nAs long as a client and service both support SSLv3, a connection can\nbe 'rolled back' to SSLv3, even if TLSv1 or newer is supported by the\nclient and service.\n\nThe TLS Fallback SCSV mechanism prevents 'version rollback' attacks\nwithout impacting legacy clients; however, it can only protect\nconnections when the client and service support the mechanism. Sites\nthat cannot disable SSLv3 immediately should enable this mechanism.\n\nThis is a vulnerability in the SSLv3 specification, not in any\nparticular SSL implementation. Disabling SSLv3 is the only way to\ncompletely mitigate the vulnerability.", "edition": 19, "cvss3": {"score": 6.8, "vector": "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}, "published": "2014-10-15T00:00:00", "title": "SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2014-10-15T00:00:00", "cpe": [], "id": "SSL_POODLE.NASL", "href": "https://www.tenable.com/plugins/nessus/78479", "sourceData": "#TRUSTED 75056e42da04af0550e1aeb8ff733da2059a39e0ac0f21040f98211cc22d742247869ef3d21fd935fd2db3c3c2dcd63ab2d1906272842c5cd718ba61e86f031052386683f6c5444eada48cda127d574138522ff6b70f322f79654c9a8ddeb38b13252948a2c15207c854f981e2c489ef5231674a41f73b450fe9f997e70bc47efcf1a12eaee3daac519456d39400e62624000861fbe6d0d7449b99f726ac4bcd65697997aaba50b322b0287466759b62324a95633e3160c951539c1d3d80c681da9123bf9b7a9a7cdf78a3d06df945979e5f4142dc936e227f45ebce8514d7fe66697d4a7ecf9bffac4ef085ecbd6353567d80707998ad4de58ac80e84b1a26a14d6d82b3760ce243b061d742f733eb9fdb84f16d540ce599ff1d60ff25d5e038a821917475564cc14fff7feae9288601303fa9f3a3404d703a192d25b8e17efc793a9d7e72f3539733c500ba833f85fc5a3d507bd77afdaa637cafa86eb3eb6e2c36f0abb7858a9febcefa899ecd1d4cd285b3accf2e3e4e9551ab96dc18d18216d4041954ce6576e635540dee547d8ef2797fa51ac6153eefdb0fb4105997303820a764c6f12c7d687301a94b0c916a75ebb68260135ab23c188d3b6a76139a900eb5f788ec12cb1eef6078e94d4fa1fec33b9d2e11edc7e0b21f6721f8576e74f269da980da1d68f8893cf84d099c71c1c614195964daee41a7c5438c032c\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78479);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/12\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)\");\n script_summary(english:\"Checks if SSL/TLS server supports SSLv3 and TLS Fallback SCSV.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It is possible to obtain sensitive information from the remote host\nwith SSL/TLS-enabled services.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by a man-in-the-middle (MitM) information\ndisclosure vulnerability known as POODLE. The vulnerability is due to\nthe way SSL 3.0 handles padding bytes when decrypting messages\nencrypted using block ciphers in cipher block chaining (CBC) mode.\nMitM attackers can decrypt a selected byte of a cipher text in as few\nas 256 tries if they are able to force a victim application to\nrepeatedly send the same data over newly created SSL 3.0 connections.\n\nAs long as a client and service both support SSLv3, a connection can\nbe 'rolled back' to SSLv3, even if TLSv1 or newer is supported by the\nclient and service.\n\nThe TLS Fallback SCSV mechanism prevents 'version rollback' attacks\nwithout impacting legacy clients; however, it can only protect\nconnections when the client and service support the mechanism. Sites\nthat cannot disable SSLv3 immediately should enable this mechanism.\n\nThis is a vulnerability in the SSLv3 specification, not in any\nparticular SSL implementation. Disabling SSLv3 is the only way to\ncompletely mitigate the vulnerability.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Disable SSLv3.\n\nServices that must support SSLv3 should enable the TLS Fallback SCSV\nmechanism until SSLv3 can be disabled.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3566\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssl_supported_versions.nasl\", \"ssl_supported_ciphers.nasl\");\n script_require_keys(\"SSL/Supported\");\n\n exit(0);\n}\n\ninclude(\"ftp_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"ldap_func.inc\");\ninclude(\"nntp_func.inc\");\ninclude(\"rsync.inc\");\ninclude(\"smtp_func.inc\");\ninclude(\"telnet2_func.inc\");\ninclude(\"x509_func.inc\");\ninclude(\"audit.inc\");\n\nconnection_reset = FALSE;\n# Send an SSLv3 ClientHello with modified cipher suite list.\n# Cipher suite list must be in the format that client_hello expects.\nfunction send_recv_client_hello(port, cipherspec)\n{\n local_var soc, rec, chello;\n\n soc = open_sock_ssl(port);\n if (!soc) return NULL;\n\n chello = client_hello(\n version:mkword(SSL_V3),\n v2hello:FALSE,\n cipherspec:cipherspec\n );\n send(socket:soc, data:chello);\n rec = recv_ssl(socket:soc, partial:TRUE);\n if (socket_get_error(soc) == ECONNRESET)\n connection_reset = TRUE;\n close(soc);\n\n return rec;\n}\n\nfunction check_fallback_scsv(port, cipherspec)\n{\n local_var rec, cipher_name, kb_key;\n\n # Add the TLS_FALLBACK_SCSV to the list\n cipherspec += raw_string(0x56, 0x00);\n\n rec = send_recv_client_hello(port:port, cipherspec:cipherspec);\n\n # If the server resets the connection, we consider the mitigation to be\n # applied. It's not technically following the spec (supposed to send an\n # alert), but functionally it's the same.\n # It appears Citrix Netscaler devices do this.\n if (connection_reset == TRUE && isnull(rec))\n return TRUE;\n\n rec = ssl_parse(blob:rec);\n if (isnull(rec))\n return \"no-record\";\n\n if (rec[\"content_type\"] == SSL3_CONTENT_TYPE_ALERT &&\n rec[\"level\"] == SSL3_ALERT_TYPE_FATAL &&\n rec[\"description\"] == SSL3_ALERT_TYPE_INAPPROPRIATE_FALLBACK)\n {\n return TRUE;\n }\n\n # Server responded with something that's not an INAPPROPRIATE_FALLBACK alert.\n # Probably a ServerHello. If not, something is wrong so bail.\n if (rec[\"content_type\"] == SSL3_CONTENT_TYPE_HANDSHAKE &&\n rec[\"handshake_type\"] == SSL3_HANDSHAKE_TYPE_SERVER_HELLO)\n {\n return FALSE;\n }\n\n kb_key = \"ssl_poodle_fallback_scsv_test_returned\";\n if (rec[\"content_type\"] == SSL3_CONTENT_TYPE_HANDSHAKE)\n set_kb_item(name:kb_key, value:\"handshake:\" + rec[\"handshake_type\"]);\n else if (rec[\"content_type\"] == SSL3_CONTENT_TYPE_ALERT)\n set_kb_item(name:kb_key, value:\"alert:\" + rec[\"level\"] + \":\" + rec[\"description\"]);\n else\n set_kb_item(name:kb_key, value:\"content_type:\" + rec[\"content_type\"]);\n\n return \"error\";\n}\n\nport = get_ssl_ports(fork:TRUE);\nif (isnull(port)) exit(0, \"This host has no SSL/TLS services.\");\nif (!get_port_state(port)) audit(AUDIT_PORT_CLOSED, port);\n\n# Check if SSLv3 and if some form of TLS is supported\nversions = make_list(get_kb_list_or_exit(\"SSL/Transport/\" + port));\nssl3_supported = FALSE;\ntls_supported = FALSE;\nforeach version (versions)\n{\n if (version == ENCAPS_SSLv3)\n ssl3_supported = TRUE;\n\n if (version >= ENCAPS_TLSv1)\n tls_supported = TRUE;\n}\nif (!ssl3_supported)\n exit(0, \"The service on port \" + port + \" does not support SSLv3.\");\n\ncbc_supported = FALSE;\ncipherspec = \"\";\nforeach cipher_name (get_kb_list_or_exit(\"SSL/Ciphers/\" + port))\n{\n if (cipher_name !~ \"^TLS1[12]?_\")\n continue;\n\n if (\"_CBC_\" >!< cipher_name)\n continue;\n\n cbc_supported = TRUE;\n cipherspec += ciphers[cipher_name];\n}\n\nif (!cbc_supported)\n exit(0, \"The service on port \" + port + \" supports SSLv3 but not any CBC cipher suites.\");\n\n# If the server supports only SSLv3 (nothing newer, like TLSv1.1) then\n# there is no way to detect the TLS_FALLBACK_SCSV in action.\nfallback_scsv_supported = FALSE;\nif (tls_supported)\n fallback_scsv_supported = check_fallback_scsv(port:port, cipherspec:cipherspec);\n\nif (fallback_scsv_supported == TRUE)\n exit(0, \"The service on port \" + port + \" supports SSLv3 with CBC ciphers, but the Fallback SCSV mechanism is enabled.\");\n\nif (fallback_scsv_supported == \"no-record\")\n exit(0, \"The service on port \" + port + \" supports SSLv3 with CBC ciphers, and the server did not reply while determining Fallback SCSV support.\");\n\nif (fallback_scsv_supported == \"error\")\n exit(0, \"The service on port \" + port + \" supports SSLv3 with CBC ciphers, and support for Fallback SCSV could not be determined.\");\n\nreport = NULL;\nif (report_verbosity > 0)\n{\n report =\n '\\n' + 'Nessus determined that the remote server supports SSLv3 with at least one CBC ' +\n '\\n' + 'cipher suite, indicating that this server is vulnerable.\\n';\n\n if (!tls_supported)\n {\n report +=\n '\\n' + 'It appears that TLSv1 or newer is not supported on the server. Mitigating this ' +\n '\\n' + 'vulnerability requires SSLv3 to be disabled and TLSv1 or newer to be enabled.';\n }\n else\n {\n # We only get here if TLS is supported *and* Fallback SCSV is not enabled.\n report +=\n '\\n' + 'It appears that TLSv1 or newer is supported on the server. However, the ' +\n '\\n' + 'Fallback SCSV mechanism is not supported, allowing connections to be \"rolled ' +\n '\\n' + 'back\" to SSLv3.';\n }\n\n report += '\\n';\n}\nset_kb_item(name:\"SSL/vulnerable_to_poodle/\"+port, value:TRUE);\nsecurity_warning(port:port, extra:report);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:13:50", "description": "Update to latest release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 19, "cvss3": {"score": 6.8, "vector": "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}, "published": "2015-10-16T00:00:00", "title": "Fedora 21 : fossil-1.33-1.fc21 (2015-9090) (POODLE)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "modified": "2015-10-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:fossil", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-9090.NASL", "href": "https://www.tenable.com/plugins/nessus/86409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-9090.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86409);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_xref(name:\"FEDORA\", value:\"2015-9090\");\n\n script_name(english:\"Fedora 21 : fossil-1.33-1.fc21 (2015-9090) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1191203\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/169374.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ad252f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected fossil package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:fossil\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/14\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"fossil-1.33-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"fossil\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "aix": [{"lastseen": "2019-05-29T19:19:11", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566", "CVE-2014-3513", "CVE-2014-3567"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: <Wed Oct 29 04:58:52 CDT 2014>\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc\nhttps://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc\nftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc\n===============================================================================\n VULNERABILITY SUMMARY\n\n1.VULNERABILITY: AIX OpenSSL Denial of Service due to memory leak in DTLS SRTP extension\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3513\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n2. VULNERABILITY: AIX OpenSSL Patch to mitigate CVE-2014-3566\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3566\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n3. VULNERABILITY: AIX OpenSSL Denial of Service due to memory consumption\n\n PLATFORMS: AIX 5.3, 6.1 and 7.1\n VIOS 2.2.*\n\n SOLUTION: Apply the fix as described below.\n\n THREAT: See below\n\n CVE Numbers: CVE-2014-3567\n\n Reboot required? NO\n Workarounds? NO\n Protected by FPM? NO\n Protected by SED? NO\n\n===============================================================================\n DETAILED INFORMATION\n\nI. DESCRIPTION \n \n 1. CVE-2014-3513\n\tOpenSSL could allow remote attackers to cause a denial of service \n\t(memory consumption) via crafted handshake message\n\n 2. CVE-2014-3566\n\tSSL protocol 3.0 uses nondeterministic CBC padding, which makes it easier\n\tfor man-in-the-middle attackers to obtain cleartext data via a \n\tpadding-oracle attack.\n\n 3. CVE-2014-3567\n\tOpenSSL could allow remote attackers to cause a denial of service \n\t(memory consumption) via crafted session ticket that triggers an \n\tintegrity-check failure.\n\nII. CVSS\n\n 1. CVE-2014-3513\n CVSS Base Score: 5\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/97035\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n 2. CVE-2014-3566\n CVSS Base Score: 4.3\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/97013\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n 3. CVE-2014-3567\n CVSS Base Score: 5\n CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/97036\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:N/A:N)\n\n\nIII. PLATFORM VULNERABILITY ASSESSMENT\n\n To determine if your system is vulnerable, execute the following\n command:\n\n lslpp -L openssl.base\n \n The following fileset levels are vulnerable:\n \n A. CVE-2014-3513\n\n AIX Fileset Lower Level Upper Level \n ------------------------------------------\n openssl.base 1.0.1.500 1.0.1.512\n\n B. CVE-2014-3566, CVE-2014-3567\n\n AIX Fileset Lower Level Upper Level \n ------------------------------------------\n openssl.base 1.0.1.500 1.0.1.512\n openssl.base 0.9.8.401 0.9.8.2503\n openssl.base 12.9.8.1100 12.9.8.2503\n\n\tNote, 0.9.8.401 and 12.9.8.1100 are the Lowest OpenSSL version\n\tavailable in aix web download site. Even OpenSSL versions below \n\tthis are impacted\n\n\nIV. SOLUTIONS\n\n A. FIXES\n\n Fix is available. The fix can be downloaded via ftp\n from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/openssl_fix11.tar\n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n releases.\n\n\tNote that the tar file contains Interim fixes that are based on OpenSSL version.\n\n AIX Level Interim Fix (*.Z) Fileset Name(prereq for installation)\n ---------------------------------------------------------------------------------\n 5.3, 6.1, 7.1 IV66250s9a.141027.epkg.Z\t openssl.base(1.0.1.512 version)\n 5.3, 6.1, 7.1 IV66250s9b.141027.epkg.Z openssl.base(0.9.8.2503 version)\n 5.3, 6.1, 7.1 IV66250s9c.141027.epkg.Z\t openssl.base(12.9.8.2503 version)\n\n VIOS Level Interim Fix (*.Z)\t Fileset Name(prereq for installation)\n -------------------------------------------------------------------------------------\n 2.2.* IV66250s9a.141027.epkg.Z\t openssl.base(1.0.1.512 version)\n 2.2.* IV66250s9b.141027.epkg.Z\t openssl.base(0.9.8.2503 version)\n 2.2.* IV66250s9c.141027.epkg.Z\t openssl.base(12.9.8.2503 version)\n\n\n To extract the fix from the tar file:\n\n tar xvf openssl_fix11.tar\n cd openssl_fix11\n\n Verify you have retrieved the fix intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command is the followng:\n\n openssl dgst -sha256 \t\t\t\t\t\t filename\t \n ----------------------------------------------------------------------------------------------\n \t5bde653c4cb972b7068aa99a49c4a388abf2cdc0627fd61d2a7278b7a5d1e1cb \tIV66250s9a.141027.epkg.Z\n\tb8a8c74835add78314e48540640f50478ec11b08195fe2df979f7d1597722a60\tIV66250s9b.141027.epkg.Z\n\t8b3b019c6ed2bf0d54ed93f2e5159ace136c7ad7a8d3b1735748c0f13a4bc1cf\tIV66250s9c.141027.epkg.Z\n\n\tThese sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n Published advisory OpenSSL signature file location:\n\n http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc.sig \n\n\topenssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n These fixes will also be part of the next filesets of OpenSSL versions 0.9.8.2504, 12.9.8.2504 and 1.0.1.513.\n\tThe estimated availability date of filesets is by 1st December 2014 and can be downloaded from - \n\thttps://www14.software.ibm.com/webapp/iwm/web/reg/download.do?source=aixbp&lang=en_US&S_PKG=openssl&cp=UTF-8\n\n \n B. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n\nV. WORKAROUNDS\n \n No workarounds.\n\nVI. CONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\n\nVII. REFERENCES:\n\n Note: Keywords labeled as KEY in this document are used for parsing purposes.\n\n eServer is a trademark of International Business Machines\n Corporation. IBM, AIX and pSeries are registered trademarks of\n International Business Machines Corporation. All other trademarks\n are property of their respective holders.\n\n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/97035\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/97013\n X-Force Vulnerability Database: http://xforce.iss.net/xforce/xfdb/97036\n CVE-2014-3513 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513\n CVE-2014-3566 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n CVE-2014-3567 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567\n\n *The CVSS Environment Score is customer environment specific and will\n ultimately impact the Overall CVSS Score. Customers can evaluate the\n impact of this vulnerability in their environments by accessing the links\n in the Reference section of this Flash.\n\n Note: According to the Forum of Incident Response and Security Teams\n (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry\n open standard designed to convey vulnerability severity and help to\n determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES\n \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF\n MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE\n RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY\n VULNERABILITY.\n", "edition": 4, "modified": "2014-10-29T04:58:52", "published": "2014-10-29T04:58:52", "id": "OPENSSL_ADVISORY11.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc", "title": "AIX OpenSSL Denial of Service due to memory leak in DTLS / AIX OpenSSL Patch to mitigate CVE-2014-3566 / AIX OpenSSL Denial of Service due to memory consumption", "type": "aix", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. ", "modified": "2014-11-01T16:38:16", "published": "2014-11-01T16:38:16", "id": "FEDORA:50E7D60F2C0C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: asterisk-11.13.1-1.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "The purpose of this mail library is to provide a portable, efficient middle -ware for different kinds of mail access. When using the drivers interface, the interface is the same for all kinds of mail access, remote and local mailbo xes. ", "modified": "2014-11-10T06:34:14", "published": "2014-11-10T06:34:14", "id": "FEDORA:13EED60DC938", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: libetpan-1.6-1.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "A small library for communicating with the REST interface of a Red Hat Unif ied Entitlement Platform. This interface is used for the management of system entitlements, certificates, and access to content. ", "modified": "2014-11-10T06:34:40", "published": "2014-11-10T06:34:40", "id": "FEDORA:D241A60EFAEF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: python-rhsm-1.13.6-1.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library. ", "modified": "2014-12-15T04:34:00", "published": "2014-12-15T04:34:00", "id": "FEDORA:ABDD7608A209", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: libuv-0.10.29-1.fc20", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "Fossil is a simple, high-reliability, distributed software configuration management with distributed bug tracking, distributed wiki and built-in web interface. ", "modified": "2015-10-15T03:51:23", "published": "2015-10-15T03:51:23", "id": "FEDORA:AC832604E903", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: fossil-1.33-1.fc22", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. ", "modified": "2014-12-15T04:35:14", "published": "2014-12-15T04:35:14", "id": "FEDORA:B1D43608A1FC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: nodejs-0.10.33-1.fc19", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "The Subscription Manager package provides programs and libraries to allow u sers to manage subscriptions and yum repositories from the Red Hat entitlement platform. ", "modified": "2014-11-10T06:34:40", "published": "2014-11-10T06:34:40", "id": "FEDORA:B758360EE970", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: subscription-manager-1.13.6-1.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. ", "modified": "2014-12-15T04:34:00", "published": "2014-12-15T04:34:00", "id": "FEDORA:955A2608A1F0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: nodejs-0.10.33-1.fc20", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "modified": "2014-11-01T16:53:31", "published": "2014-11-01T16:53:31", "id": "FEDORA:E523360D8734", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: openssl-1.0.1j-1.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "The purpose of this mail library is to provide a portable, efficient middle -ware for different kinds of mail access. When using the drivers interface, the interface is the same for all kinds of mail access, remote and local mailbo xes. ", "modified": "2014-11-10T06:30:29", "published": "2014-11-10T06:30:29", "id": "FEDORA:4467B60E6CE0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: libetpan-1.6-1.fc20", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "huawei": [{"lastseen": "2019-02-01T18:01:49", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566"], "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "edition": 1, "modified": "2015-05-05T00:00:00", "published": "2014-12-15T00:00:00", "id": "HUAWEI-SA-20141215-01-POODLE", "href": "https://www.huawei.com/en/psirt/security-advisories/2015/hw-405500", "title": "Security Advisory-SSLv3 POODLE Vulnerability in Huawei Products", "type": "huawei", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2019-05-29T18:37:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "Check the version of nodejs", "modified": "2019-03-15T00:00:00", "published": "2014-12-15T00:00:00", "id": "OPENVAS:1361412562310868601", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868601", "type": "openvas", "title": "Fedora Update for nodejs FEDORA-2014-15390", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nodejs FEDORA-2014-15390\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868601\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-15 05:56:45 +0100 (Mon, 15 Dec 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for nodejs FEDORA-2014-15390\");\n script_tag(name:\"summary\", value:\"Check the version of nodejs\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nodejs on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15390\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146244.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"nodejs\", rpm:\"nodejs~0.10.33~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "Junos OS is prone to a OpenSSL information disclosure\nvulnerability, also known as the ", "modified": "2018-10-26T00:00:00", "published": "2015-01-23T00:00:00", "id": "OPENVAS:1361412562310105950", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105950", "type": "openvas", "title": "Junos SSLv3 POODLE Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_junos_cve-2014-3566.nasl 12106 2018-10-26 06:33:36Z cfischer $\n#\n# Junos SSLv3 POODLE Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/o:juniper:junos';\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105950\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_version(\"$Revision: 12106 $\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Junos SSLv3 POODLE Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://kb.juniper.net/JSA10656\");\n\n script_tag(name:\"summary\", value:\"Junos OS is prone to a OpenSSL information disclosure\nvulnerability, also known as the 'POODLE' vulnerability.\");\n\n script_tag(name:\"impact\", value:\"The vulnerability makes it easier for a man in the middle\nattacker to obtain cleartext data.\");\n\n script_tag(name:\"insight\", value:\"The SSL protocol 3.0 (SSLv3) uses nondeterministic CBC\npadding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a\npadding-oracle attack.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable OS build is present on the target host.\");\n script_tag(name:\"solution\", value:\"New builds of Junos OS software are available from Juniper.\");\n script_tag(name:\"affected\", value:\"Junos OS 11.4, 12.1, 12.3, 13.2, 13.3, 14.1 and 14.2\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 08:33:36 +0200 (Fri, 26 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-23 10:26:21 +0700 (Fri, 23 Jan 2015)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"JunOS Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2015 Greenbone Networks GmbH\");\n script_dependencies(\"gb_ssh_junos_get_version.nasl\", \"gb_junos_snmp_version.nasl\");\n script_mandatory_keys(\"Junos/Version\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"revisions-lib.inc\");\n\nif (!version = get_app_version(cpe: CPE, nofork: TRUE))\n exit(0);\n\nif (revcomp(a:version, b:\"11.4R13\") < 0) {\n security_message(port:0, data:version);\n exit(0);\n}\n\nif (version =~ \"^12\") {\n if (revcomp(a:version, b:\"12.1X44-D45\") < 0) {\n security_message(port:0, data:version);\n exit(0);\n }\n else if ((revcomp(a:version, b:\"12.1X46-D26\") < 0) &&\n (revcomp(a:version, b:\"12.1X46\") >= 0)) {\n security_message(port:0, data:version);\n exit(0);\n }\n else if ((revcomp(a:version, b:\"12.1X47-D20\") < 0) &&\n (revcomp(a:version, b:\"12.1X47\") >= 0)) {\n security_message(port:0, data:version);\n exit(0);\n }\n else if ((revcomp(a:version, b:\"12.3R9\") < 0) &&\n (revcomp(a:version, b:\"12.3\") >= 0)) {\n security_message(port:0, data:version);\n exit(0);\n }\n else if ((revcomp(a:version, b:\"12.3X48-D10\") < 0) &&\n (revcomp(a:version, b:\"12.3X\") >= 0)) {\n security_message(port:0, data:version);\n exit(0);\n }\n}\n\nif (version =~ \"^13\") {\n if (revcomp(a:version, b:\"13.2R7\") < 0) {\n security_message(port:0, data:version);\n exit(0);\n }\n else if ((revcomp(a:version, b:\"13.3R5\") < 0) &&\n (revcomp(a:version, b:\"13.3\") >= 0)) {\n security_message(port:0, data:version);\n exit(0);\n }\n}\n\nif (version =~ \"^14\") {\n if (revcomp(a:version, b:\"14.1R4\") < 0) {\n security_message(port:0, data:version);\n exit(0);\n }\n else if ((revcomp(a:version, b:\"14.1X53-D20\") < 0) &&\n (revcomp(a:version, b:\"14.1X\") >= 0)) {\n security_message(port:0, data:version);\n exit(0);\n }\n else if ((revcomp(a:version, b:\"14.2R2\") < 0) &&\n (revcomp(a:version, b:\"14.2\") >= 0)) {\n security_message(port:0, data:version);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-01-05T00:00:00", "id": "OPENVAS:1361412562310868770", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868770", "type": "openvas", "title": "Fedora Update for claws-mail FEDORA-2014-14237", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for claws-mail FEDORA-2014-14237\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868770\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:50:50 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for claws-mail FEDORA-2014-14237\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'claws-mail'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"claws-mail on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-14237\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147484.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"claws-mail\", rpm:\"claws-mail~3.11.1~2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-01-05T00:00:00", "id": "OPENVAS:1361412562310868693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868693", "type": "openvas", "title": "Fedora Update for libetpan FEDORA-2014-14237", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libetpan FEDORA-2014-14237\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868693\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:43:16 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for libetpan FEDORA-2014-14237\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libetpan'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libetpan on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-14237\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147485.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"libetpan\", rpm:\"libetpan~1.6~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "Check the version of libuv", "modified": "2019-03-15T00:00:00", "published": "2014-12-15T00:00:00", "id": "OPENVAS:1361412562310868600", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868600", "type": "openvas", "title": "Fedora Update for libuv FEDORA-2014-15379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libuv FEDORA-2014-15379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868600\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-15 05:56:43 +0100 (Mon, 15 Dec 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for libuv FEDORA-2014-15379\");\n script_tag(name:\"summary\", value:\"Check the version of libuv\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libuv on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15379\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146232.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"libuv\", rpm:\"libuv~0.10.29~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "Check the version of nodejs", "modified": "2019-03-15T00:00:00", "published": "2014-12-15T00:00:00", "id": "OPENVAS:1361412562310868604", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868604", "type": "openvas", "title": "Fedora Update for nodejs FEDORA-2014-15379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nodejs FEDORA-2014-15379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868604\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-15 05:56:50 +0100 (Mon, 15 Dec 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for nodejs FEDORA-2014-15379\");\n script_tag(name:\"summary\", value:\"Check the version of nodejs\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nodejs on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15379\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146233.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"nodejs\", rpm:\"nodejs~0.10.33~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-04-02T18:47:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "This host is prone to an information disclosure vulnerability.", "modified": "2020-03-31T00:00:00", "published": "2014-10-16T00:00:00", "id": "OPENVAS:1361412562310802087", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802087", "type": "openvas", "title": "SSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POODLE)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POODLE)\n#\n# Authors:\n# Veerendra GG <veerendragg@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802087\");\n script_version(\"2020-03-31T06:57:15+0000\");\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-31 06:57:15 +0000 (Tue, 31 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-10-16 17:29:43 +0530 (Thu, 16 Oct 2014)\");\n script_name(\"SSL/TLS: SSLv3 Protocol CBC Cipher Suites Information Disclosure Vulnerability (POODLE)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SSL and TLS\");\n script_dependencies(\"secpod_ssl_ciphers.nasl\", \"gb_tls_fallback_scsv_enabled.nasl\");\n script_mandatory_keys(\"secpod_ssl_ciphers/supported_ciphers\", \"ssl_tls/port\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_xref(name:\"URL\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_xref(name:\"URL\", value:\"https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html\");\n script_xref(name:\"URL\", value:\"http://googleonlinesecurity.blogspot.in/2014/10/this-poodle-bites-exploiting-ssl-30.html\");\n\n script_tag(name:\"summary\", value:\"This host is prone to an information disclosure vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Evaluate previous collected information about this service.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to the block cipher padding not being deterministic and not covered by the Message Authentication Code\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a man-in-the-middle attackers gain access to the plain text data stream.\");\n\n script_tag(name:\"solution\", value:\"Possible Mitigations are:\n\n - Disable SSLv3\n\n - Disable cipher suites supporting CBC cipher modes\n\n - Enable TLS_FALLBACK_SCSV if the service is providing TLSv1.0+\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"Mitigation\");\n\n exit(0);\n}\n\ninclude(\"ssl_funcs.inc\");\ninclude(\"misc_func.inc\");\n\nif( ! port = tls_ssl_get_port() )\n exit( 0 );\n\nif( ! tls_versions = get_kb_item( \"tls/supported/\" + port ) )\n exit( 0 );\n\nif( \"SSLv3\" >!< tls_versions )\n exit( 0 );\n\n# If SSLv3 is supported then check if CBC ciphers are supported and exit if not\nif( ! cipherList = get_kb_list( \"secpod_ssl_ciphers/sslv3/\" + port + \"/supported_ciphers\" ) )\n exit( 0 );\n\nif( ! in_array( search:\"_CBC_\", array:cipherList, part_match:TRUE ) )\n exit( 0 );\n\n# If TLSv1.0+ is available check if TLS_FALLBACK_SCSV is supported and mark as vulnerable if not\nif( \"TLSv\" >< tls_versions ) {\n if( ! get_kb_item( \"tls_fallback_scsv_supported/\" + port ) ) {\n VULN = TRUE;\n }\n} else {\n VULN = TRUE;\n}\n\nif( VULN ) {\n security_message( port:port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-12-17T00:00:00", "id": "OPENVAS:1361412562310842563", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842563", "type": "openvas", "title": "Ubuntu Update for cups USN-2839-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for cups USN-2839-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842563\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-17 05:09:00 +0100 (Thu, 17 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_cve_id(\"CVE-2014-3566\");\n script_name(\"Ubuntu Update for cups USN-2839-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cups'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"As a security improvement against the\nPOODLE attack, this update disables SSLv3 support in the CUPS web interface.\n\nFor legacy environments where SSLv3 support is still required, it can be\nre-enabled by adding 'SSLOptions AllowSSL3' to /etc/cups/cupsd.conf.\");\n script_tag(name:\"affected\", value:\"cups on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2839-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2839-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cups\", ver:\"1.7.2-0ubuntu1.7\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "Check the version of libuv", "modified": "2019-03-15T00:00:00", "published": "2014-12-15T00:00:00", "id": "OPENVAS:1361412562310868597", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868597", "type": "openvas", "title": "Fedora Update for libuv FEDORA-2014-15390", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libuv FEDORA-2014-15390\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868597\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-15 05:56:14 +0100 (Mon, 15 Dec 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for libuv FEDORA-2014-15390\");\n script_tag(name:\"summary\", value:\"Check the version of libuv\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libuv on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15390\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146243.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"libuv\", rpm:\"libuv~0.10.29~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3566"], "description": "Check the version of python-rhsm", "modified": "2019-03-15T00:00:00", "published": "2014-11-07T00:00:00", "id": "OPENVAS:1361412562310868453", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868453", "type": "openvas", "title": "Fedora Update for python-rhsm FEDORA-2014-13794", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-rhsm FEDORA-2014-13794\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868453\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-07 06:17:15 +0100 (Fri, 07 Nov 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-rhsm FEDORA-2014-13794\");\n script_tag(name:\"summary\", value:\"Check the version of python-rhsm\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"python-rhsm on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-13794\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142743.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-rhsm\", rpm:\"python-rhsm~1.13.6~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "hackerone": [{"lastseen": "2018-04-24T03:22:19", "bulletinFamily": "bugbounty", "bounty": 0.0, "cvelist": ["CVE-2014-3566"], "description": "Hi,\n\nI get in touch to report that cloud.newrelic.com is vulnerable to CVE-2014-3566 (POODLE). \n\nWebsites that support SSLv3 and CBC-mode ciphers are potentially vulnerable to an active MITM (Man-in-the-middle) attack. This attack, called POODLE, is similar to the BEAST attack and also allows a network attacker to extract the plaintext of targeted parts of an SSL connection, usually cookie data. Unlike the BEAST attack, it doesn't require such extensive control of the format of the plaintext and thus is more practical.\n\nThe impact of this vulnerability\n\tAn attacker may be able to exploit this problem to conduct man-in-the-middle attacks and decrypt communications between the affected service and clients.\n\nPoC:\n$ nmap -sV --version-light --script ssl-poodle -p 443 cloud.newrelic.com\nPORT STATE SERVICE REASON\n443/tcp open https syn-ack\n| ssl-poodle:\n| VULNERABLE:\n| SSL POODLE information leak\n\n$ nmap --script ssl-enum-ciphers -p 443 cloud.newrelic.com\n\nPORT STATE SERVICE\n443/tcp open https\n| ssl-enum-ciphers:\n| SSLv3:\n| ciphers:\n| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A\n| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A\n| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C\n| compressors:\n| NULL\n| cipher preference: server\n| warnings:\n| 64-bit block cipher 3DES vulnerable to SWEET32 attack\n| CBC-mode cipher in SSLv3 (CVE-2014-3566)\n\nHow to fix this vulnerability\n\tIt's recommended to disable SSLv3 and replace it with TLSv1.0 as soon as compatibility with legacy clients is no longer required. (The only browser that does not support TLSv1.0 is Internet Explorer 6).\n\nTo disable SSLv2 and SSLv3: \n\tFor Nginx:\n\tssl_protocols TLSv1 TLSv1.1 TLSv1.2;\n\nReferences\n\thttps://security.googleblog.com/2014/10/this-poodle-bites-exploiting-ssl-30.html\n\nI look forward to hearing from you\n\nBest Regards", "modified": "2017-11-10T22:24:05", "published": "2017-03-26T19:08:23", "id": "H1:216271", "href": "https://hackerone.com/reports/216271", "type": "hackerone", "title": "New Relic: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-04-19T17:34:12", "bulletinFamily": "bugbounty", "bounty": 280.0, "cvelist": ["CVE-2014-3566"], "description": "\n**Summary:** POODLE SSLv3 bug on multiple twitter smtp servers\n\n**Description:** CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.\n\n\n## Steps To Reproduce:\n\nHi Twitter Sec team here is the POC\n\n 1. get a nmap installation and twitter_smtp_ssl_servers.txt file (attached) \n 2. run this command :\n\"nmap -sV --version-light -Pn --script ssl-poodle -p 25 -iL twitter_smtp_ssl_servers.txt | grep -B 5 VULNERABLE\"\n 3. See the results \n\n## Supporting Material/References:\n\n * An output screentshot and the twitter_smtp_ssl_servers.txt are attached.\n", "modified": "2018-02-22T00:11:25", "published": "2017-11-09T21:44:16", "id": "H1:288966", "href": "https://hackerone.com/reports/288966", "type": "hackerone", "title": "Twitter: POODLE SSLv3 bug on multiple twitter smtp servers (mx3.twitter.com,199.59.148.204,199.16.156.108 and 199.59.148.204)", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-04-19T17:34:09", "bulletinFamily": "bugbounty", "bounty": 0.0, "cvelist": ["CVE-2014-3566"], "description": "**Summary:** \nPOODLE SSLv3 bug on multiple servers\n\n**Description:** \n CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue.\n\n## Steps To Reproduce:\n\n1. Create .txt file include this ip : ( 54.230.149.17 & 54.230.149.158 ) ex: ip.txt\n2. nmap -sV --version-light -Pn --script ssl-poodle -p 443 -iL ip.txt\n\n## Supporting Material/References:\n\n```\nroot@jancok:~# nmap -sV --version-light -Pn --script ssl-poodle -p 443 -iL ip.txt\n\nStarting Nmap 7.25BETA1 ( https://nmap.org ) at 2018-02-22 23:40 EST\nNmap scan report for server-54-230-149-17.sin2.r.cloudfront.net (54.230.149.17)\nHost is up (0.029s latency).\nPORT STATE SERVICE VERSION\n443/tcp open ssl/https?\n| ssl-poodle: \n| VULNERABLE:\n| SSL POODLE information leak\n| State: LIKELY VULNERABLE\n| IDs: OSVDB:113251 CVE:CVE-2014-3566\n| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and\n| other products, uses nondeterministic CBC padding, which makes it easier\n| for man-in-the-middle attackers to obtain cleartext data via a\n| padding-oracle attack, aka the \"POODLE\" issue.\n| Disclosure date: 2014-10-14\n| Check results:\n| TLS_RSA_WITH_AES_128_CBC_SHA\n| TLS_FALLBACK_SCSV properly implemented\n| References:\n| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n| https://www.imperialviolet.org/2014/10/14/poodle.html\n| https://www.openssl.org/~bodo/ssl-poodle.pdf\n|_ http://osvdb.org/113251\n1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :\nSF-Port443-TCP:V=7.25BETA1%T=SSL%I=2%D=2/22%Time=5A8F9B45%P=x86_64-pc-linu\nSF:x-gnu%r(GetRequest,36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x\nSF:20CloudFront\\r\\nDate:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\nSF:\\nContent-Type:\\x20text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x\nSF:20close\\r\\nX-Cache:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x209\nSF:f6b01a312a31ea74b95b305e8d62497\\.cloudfront\\.net\\x20\\(CloudFront\\)\\r\\nX\nSF:-Amz-Cf-Id:\\x20wTZjtVmAWgTRJcBZoY1eKmML1MIGDjqyL8HHIbcopGOT3RptvM0oAw==\nSF:\\r\\n\\r\\n<!DOCTYPE\\x20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x\nSF:20Transitional//EN\\\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<\nSF:HTML><HEAD><META\\x20HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\nSF:\\x20charset=iso-8859-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20\nSF:not\\x20be\\x20satisfied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\\nSF:x20request\\x20could\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x2\nSF:0size=\\\"1px\\\">\\nBad\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\nSF:\\x20size=\\\"1px\\\">\\n<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\\(CloudFront\nSF:\\)\\nRequest\\x20ID:\\x20wTZjtVmAWgTRJcBZoY1eKmML1MIGDjqyL8HHIbcopGOT3Rptv\nSF:M0oAw==\\n</PRE>\\n<ADDRESS>\\n</ADDRESS>\\n</BODY></HTML>\")%r(HTTPOptions,\nSF:36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x20CloudFront\\r\\nDat\nSF:e:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\\nContent-Type:\\x20\nSF:text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x20close\\r\\nX-Cache:\nSF:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x20c811a11df2d0d24d49e3\nSF:cdf48257de21\\.cloudfront\\.net\\x20\\(CloudFront\\)\\r\\nX-Amz-Cf-Id:\\x20dUUs\nSF:gtWLhorBbOSJMk6AESCL5MYIhEXtXdoSrTQ5pa0vKwxzKOa_0Q==\\r\\n\\r\\n<!DOCTYPE\\x\nSF:20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x20Transitional//EN\\\nSF:\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<HTML><HEAD><META\\x2\nSF:0HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\\x20charset=iso-885\nSF:9-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20not\\x20be\\x20satisf\nSF:ied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\x20request\\x20could\nSF:\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\nBad\nSF:\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\n\nSF:<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\\(CloudFront\\)\\nRequest\\x20ID:\\\nSF:x20dUUsgtWLhorBbOSJMk6AESCL5MYIhEXtXdoSrTQ5pa0vKwxzKOa_0Q==\\n</PRE>\\n<A\nSF:DDRESS>\\n</ADDRESS>\\n</BODY></HTML>\");\n\nNmap scan report for server-54-230-149-158.sin2.r.cloudfront.net (54.230.149.158)\nHost is up (0.028s latency).\nPORT STATE SERVICE VERSION\n443/tcp open ssl/https?\n| ssl-poodle: \n| VULNERABLE:\n| SSL POODLE information leak\n| State: LIKELY VULNERABLE\n| IDs: OSVDB:113251 CVE:CVE-2014-3566\n| The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and\n| other products, uses nondeterministic CBC padding, which makes it easier\n| for man-in-the-middle attackers to obtain cleartext data via a\n| padding-oracle attack, aka the \"POODLE\" issue.\n| Disclosure date: 2014-10-14\n| Check results:\n| TLS_RSA_WITH_AES_128_CBC_SHA\n| TLS_FALLBACK_SCSV properly implemented\n| References:\n| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566\n| https://www.imperialviolet.org/2014/10/14/poodle.html\n| https://www.openssl.org/~bodo/ssl-poodle.pdf\n|_ http://osvdb.org/113251\n1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :\nSF-Port443-TCP:V=7.25BETA1%T=SSL%I=2%D=2/22%Time=5A8F9B45%P=x86_64-pc-linu\nSF:x-gnu%r(GetRequest,36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x\nSF:20CloudFront\\r\\nDate:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\nSF:\\nContent-Type:\\x20text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x\nSF:20close\\r\\nX-Cache:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x209\nSF:80b603eea89acb9f5bc806e2efdf82c\\.cloudfront\\.net\\x20\\(CloudFront\\)\\r\\nX\nSF:-Amz-Cf-Id:\\x200GA88OFJqyG4qDARfjyQ1jGVyWfzjEnIf0PKUOQI1r6-AuHswKbacw==\nSF:\\r\\n\\r\\n<!DOCTYPE\\x20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x\nSF:20Transitional//EN\\\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<\nSF:HTML><HEAD><META\\x20HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\nSF:\\x20charset=iso-8859-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20\nSF:not\\x20be\\x20satisfied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\\nSF:x20request\\x20could\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x2\nSF:0size=\\\"1px\\\">\\nBad\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\nSF:\\x20size=\\\"1px\\\">\\n<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\\(CloudFront\nSF:\\)\\nRequest\\x20ID:\\x200GA88OFJqyG4qDARfjyQ1jGVyWfzjEnIf0PKUOQI1r6-AuHsw\nSF:Kbacw==\\n</PRE>\\n<ADDRESS>\\n</ADDRESS>\\n</BODY></HTML>\")%r(HTTPOptions,\nSF:36B,\"HTTP/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x20CloudFront\\r\\nDat\nSF:e:\\x20Thu,\\x2022\\x20Feb\\x202018\\x2016:40:40\\x20GMT\\r\\nContent-Type:\\x20\nSF:text/html\\r\\nContent-Length:\\x20551\\r\\nConnection:\\x20close\\r\\nX-Cache:\nSF:\\x20Error\\x20from\\x20cloudfront\\r\\nVia:\\x201\\.1\\x20e14935429e8b5cfb258b\nSF:503fe0233feb\\.cloudfront\\.net\\x20\\(CloudFront\\)\\r\\nX-Amz-Cf-Id:\\x20s4YG\nSF:LwviLFSBvGk8WD5Z0N2LIqbeVPqlxi2Y6JXysX-6zPgTxSvnSg==\\r\\n\\r\\n<!DOCTYPE\\x\nSF:20HTML\\x20PUBLIC\\x20\\\"-//W3C//DTD\\x20HTML\\x204\\.01\\x20Transitional//EN\\\nSF:\"\\x20\\\"http://www\\.w3\\.org/TR/html4/loose\\.dtd\\\">\\n<HTML><HEAD><META\\x2\nSF:0HTTP-EQUIV=\\\"Content-Type\\\"\\x20CONTENT=\\\"text/html;\\x20charset=iso-885\nSF:9-1\\\">\\n<TITLE>ERROR:\\x20The\\x20request\\x20could\\x20not\\x20be\\x20satisf\nSF:ied</TITLE>\\n</HEAD><BODY>\\n<H1>ERROR</H1>\\n<H2>The\\x20request\\x20could\nSF:\\x20not\\x20be\\x20satisfied\\.</H2>\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\nBad\nSF:\\x20request\\.\\n<BR\\x20clear=\\\"all\\\">\\n<HR\\x20noshade\\x20size=\\\"1px\\\">\\n\nSF:<PRE>\\nGenerated\\x20by\\x20cloudfront\\x20\\(CloudFront\\)\\nRequest\\x20ID:\\\nSF:x20s4YGLwviLFSBvGk8WD5Z0N2LIqbeVPqlxi2Y6JXysX-6zPgTxSvnSg==\\n</PRE>\\n<A\nSF:DDRESS>\\n</ADDRESS>\\n</BODY></HTML>\");\n\nService detection performed. Please report any incorrect results at https://nmap.org/submit/ .\nNmap done: 2 IP addresses (2 hosts up) scanned in 27.51 seconds\n\n```\n\n## Impact\n\nits vulnerable CVE-2014-3566", "modified": "2018-03-13T14:31:05", "published": "2018-02-22T16:43:36", "id": "H1:318594", "href": "https://hackerone.com/reports/318594", "type": "hackerone", "title": "SEMrush: SSLv3 Poodle Attack on Ip Of semrush", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhat": [{"lastseen": "2019-08-13T18:45:22", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the CVE-2014-3566 issue. For the\nupdate to take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\n", "modified": "2017-09-08T12:13:46", "published": "2014-10-16T04:00:00", "id": "RHSA-2014:1653", "href": "https://access.redhat.com/errata/RHSA-2014:1653", "type": "redhat", "title": "(RHSA-2014:1653) Moderate: openssl security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-08-13T18:45:59", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "OpenShift Enterprise by Red Hat is the company's cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments.\n\nNode.js is a software development platform for building fast and scalable\nnetwork applications in the JavaScript programming language.\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting\nmessages encrypted using block ciphers in cipher block chaining (CBC) mode.\nThis flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected\nbyte of a cipher text in as few as 256 tries if they are able to force a\nvictim application to repeatedly send the same data over newly created SSL\n3.0 connections. (CVE-2014-3566)\n\nAll OpenShift Enterprise users are advised to upgrade to these updated\npackages, which correct this issue.\n", "modified": "2018-06-07T08:57:38", "published": "2015-08-04T04:00:00", "id": "RHSA-2015:1545", "href": "https://access.redhat.com/errata/RHSA-2015:1545", "type": "redhat", "title": "(RHSA-2015:1545) Important: node.js security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "centos": [{"lastseen": "2020-12-08T03:35:12", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1653\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose cryptography\nlibrary.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value\n(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade\nattacks against applications which re-connect using a lower SSL/TLS\nprotocol version when the initial connection indicating the highest\nsupported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC) mode.\nThis issue is identified as CVE-2014-3566, and also known under the alias\nPOODLE. This SSL 3.0 protocol flaw will not be addressed in a future\nupdate; it is recommended that users configure their applications to\nrequire at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article\nat https://access.redhat.com/articles/1232123\n\nAll OpenSSL users are advised to upgrade to these updated packages, which\ncontain a backported patch to mitigate the CVE-2014-3566 issue. For the\nupdate to take effect, all services linked to the OpenSSL library (such as\nhttpd and other SSL-enabled services) must be restarted or the system\nrebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/032731.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-October/045067.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1653.html", "edition": 4, "modified": "2014-10-16T17:53:19", "published": "2014-10-16T15:21:39", "href": "http://lists.centos.org/pipermail/centos-announce/2014-October/032731.html", "id": "CESA-2014:1653", "title": "openssl security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "virtuozzo": [{"lastseen": "2019-11-05T11:28:16", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "The new packages for Virtuozzo PowerPanel introducing new features as well as security and usability fixes.\n**Vulnerability id:** CVE-2014-3566, PP-427\nDisabled SSLv3 access to the management panel to protect against the POODLE SSLv3 vulnerability.\n\n", "edition": 1, "modified": "2017-09-20T00:00:00", "published": "2017-09-20T00:00:00", "id": "VZA-2017-081", "href": "https://help.virtuozzo.com/customer/portal/articles/2877590", "title": "Important product update: Virtuozzo PowerPanel RTM Hotfix 3 (7.0.1-415)", "type": "virtuozzo", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "amazon": [{"lastseen": "2020-11-10T12:35:35", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "**Issue Overview:**\n\nBodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen.\n\nhttp://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html \nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\n \n\n\n#### Special notes:\n\nWe have backfilled our 2014.03, 2013.09, and 2013.03 Amazon Linux AMI repositories with updated openssl packages that fix [CVE-2014-3566 __](<https://access.redhat.com/security/cve/CVE-2014-3566>).\n\nFor 2014.09 Amazon Linux AMIs, _openssl-1.0.1i-1.79.amzn1_ addresses this CVE. Running _yum clean all_ followed by _yum update openssl_ will install the fixed package.\n\nFor Amazon Linux AMIs [\"locked\"](<https://aws.amazon.com/amazon-linux-ami/faqs/#lock>) to the 2014.03 repositories, _openssl-1.0.1i-1.79.amzn1_ also addresses this CVE. Running _yum clean all_ followed by _yum update openssl_ will install the fixed package.\n\nFor Amazon Linux AMIs [\"locked\"](<https://aws.amazon.com/amazon-linux-ami/faqs/#lock>) to the 2013.09 or 2013.03 repositories, _openssl-1.0.1e-4.60.amzn1_ addresses this CVE. Running _yum clean all_ followed by _yum update openssl_ will install the fixed package.\n\nIf you are using a pre-2013.03 Amazon Linux AMI, we encourage you to move to a newer version of the Amazon Linux AMI as soon as possible.\n\n \n**Affected Packages:** \n\n\nopenssl\n\n \n**Issue Correction:** \nRun _yum update openssl_ to update your system. Note that you may need to run _yum clean all_ first.\n\n \n\n\n**New Packages:**\n \n \n i686: \n openssl-1.0.1i-1.79.amzn1.i686 \n openssl-debuginfo-1.0.1i-1.79.amzn1.i686 \n openssl-perl-1.0.1i-1.79.amzn1.i686 \n openssl-devel-1.0.1i-1.79.amzn1.i686 \n openssl-static-1.0.1i-1.79.amzn1.i686 \n \n src: \n openssl-1.0.1i-1.79.amzn1.src \n \n x86_64: \n openssl-debuginfo-1.0.1i-1.79.amzn1.x86_64 \n openssl-static-1.0.1i-1.79.amzn1.x86_64 \n openssl-perl-1.0.1i-1.79.amzn1.x86_64 \n openssl-devel-1.0.1i-1.79.amzn1.x86_64 \n openssl-1.0.1i-1.79.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-10-14T22:32:00", "published": "2014-10-14T22:32:00", "id": "ALAS-2014-426", "href": "https://alas.aws.amazon.com/ALAS-2014-426.html", "title": "Important: openssl", "type": "amazon", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-11-10T12:35:22", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "**Issue Overview:**\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n\n \n**Affected Packages:** \n\n\nnss\n\n \n**Issue Correction:** \nRun _yum update nss_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n nss-3.16.2-7.57.amzn1.i686 \n nss-sysinit-3.16.2-7.57.amzn1.i686 \n nss-devel-3.16.2-7.57.amzn1.i686 \n nss-tools-3.16.2-7.57.amzn1.i686 \n nss-debuginfo-3.16.2-7.57.amzn1.i686 \n nss-pkcs11-devel-3.16.2-7.57.amzn1.i686 \n \n src: \n nss-3.16.2-7.57.amzn1.src \n \n x86_64: \n nss-3.16.2-7.57.amzn1.x86_64 \n nss-tools-3.16.2-7.57.amzn1.x86_64 \n nss-debuginfo-3.16.2-7.57.amzn1.x86_64 \n nss-devel-3.16.2-7.57.amzn1.x86_64 \n nss-pkcs11-devel-3.16.2-7.57.amzn1.x86_64 \n nss-sysinit-3.16.2-7.57.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-10-16T22:14:00", "published": "2014-10-16T22:14:00", "id": "ALAS-2014-429", "href": "https://alas.aws.amazon.com/ALAS-2014-429.html", "title": "Important: nss", "type": "amazon", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "debian": [{"lastseen": "2020-11-11T13:18:22", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3566"], "description": "Package : lighttpd\nVersion : 1.4.28-2+squeeze1.7\nCVE ID : CVE-2014-3566\nDebian Bug : #765702\n\nThis update allows to disable SSLv3 in lighttpd in order to protect\nagainst the POODLE attack. SSLv3 is now disabled by default and can be\nreenabled (if needed) using the ssl.use-sslv3 option.\n", "edition": 9, "modified": "2015-07-25T14:30:31", "published": "2015-07-25T14:30:31", "id": "DEBIAN:DLA-282-1:F03D5", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201507/msg00019.html", "title": "[SECURITY] [DLA 282-1] lighttpd security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:55", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-10-16-4 OS X Server v3.2.2\r\n\r\nOS X Server v3.2.2 is now available and addresses the following:\r\n\r\nServer\r\nAvailable for: OS X Mavericks v10.9.5 or later\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 when a cipher suite uses a block cipher in CBC mode. An attacker\r\ncould force the use of SSL 3.0, even when the server would support a\r\nbetter TLS version, by blocking TLS 1.0 and higher connection\r\nattempts. This issue was addressed by disabling SSL 3.0 support in\r\nWeb Server, Calendar & Contacts Server, and Remote Administration.\r\nCVE-ID\r\nCVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of\r\nGoogle Security Team\r\n\r\n\r\nOS X Server v3.2.2 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJUQCJGAAoJEBcWfLTuOo7tyI0P/imLx5IYlrtwP9X6sCUaRNfa\r\ncjjI5T5ooRX1g83wc3sBGJnUaY5TYEpL8+aVdW0hL/Q8l+DCbvbTHDK1hcxNoPX7\r\nNsXgLFjKd56/mupWbx5beAjOA8Xey6F4tubYFNSppUEk0X9DKyVVmHNxPUnf/mTG\r\nF0opjTmLX9hJVsVvGGncBd24HxnkZJXvjd5Dfi+r/CBv1tFaL3ermZlnrba1cCaP\r\nmtZ06TAONykDYXN3GypSHZKedUIsMyQuuz+GDR2CC8Gw3P4sbbCfNkR2HNGFXPSt\r\nEG58UIdNqbbfDoTg3gR/u8e7XUrqQzSP/fq2lG1qraFpirodb67UKueVvOS1pqZQ\r\nHXJzLV5zSOx1GRLRp2hxQ7htILQGPE6alBnuqTKpe3cDxJ4h5HbZBdDIQNlLK2/y\r\nYxcCwt9AdmHr2BP2AmAE6X3jxTVbfCWxT+1ddTj+FX29DYRYSJHE4XTXAus6m4NI\r\n0uIVGv3OnmLA4r+7IGECQlMmPec0hkkWJV3otwIT83In1WMNlz85Q4Ypjo4jYfWW\r\nlEvnN15Pn8opiyHY62vPCufuroPklK1K6pIMIyFFJBGA2GVk1jqF9gNgIYqYwhMC\r\nmeaHWPu1wD82eRUBmTVHiNfKtqLx8MALBfp8uaklrfpnafrqxxuhS4ZjCEA0YU14\r\nNqlhvAS6z144pQkwp1dt\r\n=UMhr\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-10-18T00:00:00", "published": "2014-10-18T00:00:00", "id": "SECURITYVULNS:DOC:31301", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31301", "title": "APPLE-SA-2014-10-16-4 OS X Server v3.2.2", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:55", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-10-16-5 OS X Server v2.2.5\r\n\r\nOS X Server v2.2.5 is now available and addresses the following:\r\n\r\nServer\r\nAvailable for: OS X Mountain Lion v10.8.5\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 when a cipher suite uses a block cipher in CBC mode. An attacker\r\ncould force the use of SSL 3.0, even when the server would support a\r\nbetter TLS version, by blocking TLS 1.0 and higher connection\r\nattempts. This issue was addressed by disabling SSL 3.0 support in\r\nWeb Server, Calendar & Contacts Server, and Remote Administration.\r\nCVE-ID\r\nCVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of\r\nGoogle Security Team\r\n\r\n\r\nOS X Server v2.2.5 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIbBAEBAgAGBQJUQCKNAAoJEBcWfLTuOo7tl5UP90cGp+wElIUvSYZIlSHZdaPZ\r\nYxKFiIjLj4eGUF4b79vQweQtwQiqMUKh0F9qZZ7QlOimNhBrhZvwjRx/aD8LePhS\r\nKhNRH8I2YPK32vws4ufojFZvjuL+Zs2RwQ/1nPgf/STJ5wHQLQolfkh+HKaED+cz\r\nYg36da7tZ0uEcWvUbWEnq0Ewz+DUF4UffhVLIbmuC0HdmGMEuGoFdhU0+zsTZmcH\r\nYhFfQwsZX/xbTwyMWH0k1hhS1w9QyoNnhC9CbQBmjv6CYuW/6MuksONesfL10oVL\r\nu9fxSzuGchv/iHZQ60UE5d+H7e1lWvl/Baw065w5Ie2bx/YEevvkda2pA/LnQSea\r\nrbFlykfOuBLR47Eg7MalBSJxkO87en1ASyz9oLKTErYm/AjYI22Xq/e2kmst4UW4\r\n24t7iNdNJzp4SQyvS2kUW9T4P2PGV16zkv5fUELYK/uFejaQ8LoF3t+LpMiluibf\r\nnKYJbdsF/14xDygG5fL5KBOYL/cPFXlradykKgZnWhkflJYKzHp05u2ILI+Stv+V\r\nBaniDoMTn53OBT875/xTKmv3igbkwU5YIrJLsNZRCnFchlP0bAWixjiqSqcs6f6j\r\nio+/R05z0IPi6FE05cCi8CH2wMunrwgh3HhSCTiXl12vt3DXSBrmMuDyRLqGxEC4\r\n93VoWCgAlgjlfdjjI40=\r\n=tAhs\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-10-18T00:00:00", "published": "2014-10-18T00:00:00", "id": "SECURITYVULNS:DOC:31302", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31302", "title": "APPLE-SA-2014-10-16-5 OS X Server v2.2.5", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "paloalto": [{"lastseen": "2020-12-24T13:20:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-3566"], "description": "A vulnerability affecting most implementations of SSL 3.0 has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions (CVE-2014-3566). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue. More information can be found at: https://www.openssl.org/~bodo/ssl-poodle.pdf. SSL 3.0 is a supported protocol in PAN-OS services including device management and SSL VPN.\nThe conditions of successful exploitation are somewhat similar to the BEAST attack, which requires several conditions to be met for successful exploitation (i.e. the attacker requires a man-in-the-middle position in the network and must also be able to direct the victim client to send many repeated requests to the vulnerable server on behalf of the attacker via scripting, web sockets, or similar mechanism). Due to the conditions required of a successful attack scenario, the risk of exploitation is not particularly high. More information can be found in Microsoft Security Advisory 3009008 (https://technet.microsoft.com/library/security/3009008).\nThis issue affects PAN-OS 6.1.1 and earlier; PAN-OS 6.0.7 and earlier; PAN-OS 5.1.x and PAN-OS 5.0.x.\n\n**Work around:**\nCustomers can enable signature 36815 (\u201cSSLv3 Found in Server Response\u201d) to block attempted SSL 3.0 sessions, and apply this IPS policy to sensitive traffic including device management services.\n\nSupport for SSL 3.0 should be disabled on all clients where possible.\n\nDevice management services should also be restricted to a dedicated vlan or otherwise segmented trusted network to prevent exposure to untrusted hosts where possible.", "edition": 6, "modified": "2014-10-20T07:00:00", "published": "2014-10-20T07:00:00", "id": "PAN-SA-2014-0005", "href": "https://securityadvisories.paloaltonetworks.com/CVE-2014-3566", "title": "SSL 3.0 MITM Attack", "type": "paloalto", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "metasploit": [{"lastseen": "2020-10-05T21:04:31", "description": "Check if an HTTP server supports a given version of SSL/TLS. If a web server can successfully establish an SSLv3 session, it is likely to be vulnerable to the POODLE attack described on October 14, 2014, as a patch against the attack is unlikely.\n", "published": "2014-10-17T16:25:14", "type": "metasploit", "title": "HTTP SSL/TLS Version Detection (POODLE scanner)", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-3566"], "modified": "2017-07-24T13:26:21", "id": "MSF:AUXILIARY/SCANNER/HTTP/SSL_VERSION", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nrequire 'rex/proto/http'\n\nclass MetasploitModule < Msf::Auxiliary\n\n # Exploit mixins should be called first\n include Msf::Exploit::Remote::HttpClient\n # Scanner mixin should be near last\n include Msf::Auxiliary::Scanner\n\n def initialize\n super(\n 'Name' => 'HTTP SSL/TLS Version Detection (POODLE scanner)',\n 'Description' => %q{\n Check if an HTTP server supports a given version of SSL/TLS.\n\n If a web server can successfully establish an SSLv3 session, it is\n likely to be vulnerable to the POODLE attack described on\n October 14, 2014, as a patch against the attack is unlikely.\n },\n 'Author' => 'todb',\n 'License' => MSF_LICENSE,\n 'DefaultOptions' =>\n {\n 'SSL' => true,\n 'RPORT' => 443,\n },\n 'References' =>\n [\n [ 'URL', 'http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html'],\n [ 'OSVDB', '113251'],\n [ 'CVE', '2014-3566']\n ],\n 'DisclosureDate' => 'Oct 14 2014'\n )\n\n register_options(\n [\n Opt::SSLVersion\n ]\n )\n\n end\n\n # Fingerprint a single host\n def run_host(ip)\n begin\n res = send_request_raw({ 'uri' => '/', 'method' => 'GET' })\n fp = http_fingerprint(:response => res)\n if fp\n vprint_status(\"#{peer} connected and fingerprinted: #{fp}\")\n # TODO: Interrogate the connection itself to see what version\n # was used. Where that actually lives is eluding me. :/\n if datastore['SSL'] && datastore['SSLVersion'] == 'SSL3'\n print_good(\"#{peer} accepts SSLv3\")\n report_poodle_vuln(ip)\n end\n end\n rescue ::OpenSSL::SSL::SSLError => e\n ssl_version = e.message.match(/ state=([^\\s]+)/)[1]\n vprint_status(\"#{peer} does not accept #{ssl_version}\")\n end\n end\n\n def report_poodle_vuln(ip)\n report_vuln(\n :host => ip,\n :port => rport,\n :proto => 'tcp',\n :name => self.name,\n :info => \"Module #{self.fullname} confirmed SSLv3 is available\",\n :refs => self.references,\n :exploited_at => Time.now.utc\n )\n end\nend\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/ssl_version.rb"}]}
