Vulnerabilities > CVE-2014-3566 - Cryptographic Issues vulnerability in multiple products

047910
CVSS 3.4 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE

Summary

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Vulnerable Configurations

Part Description Count
OS
Redhat
14
OS
Ibm
3
OS
Apple
89
OS
Mageia
2
OS
Novell
7
OS
Opensuse
2
OS
Fedoraproject
3
OS
Netbsd
22
OS
Debian
2
Application
Novell
2
Application
Openssl
63
Application
Ibm
24
Application
Oracle
2

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Metasploit

descriptionCheck if an HTTP server supports a given version of SSL/TLS. If a web server can successfully establish an SSLv3 session, it is likely to be vulnerable to the POODLE attack described on October 14, 2014, as a patch against the attack is unlikely.
idMSF:AUXILIARY/SCANNER/HTTP/SSL_VERSION
last seen2020-06-10
modified2017-07-24
published2014-10-17
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/ssl_version.rb
titleHTTP SSL/TLS Version Detection (POODLE scanner)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-294.NASL
    descriptionThis update for libopenssl0_9_8 fixes the following issues : - CVE-2016-0800 aka the
    last seen2020-06-05
    modified2016-03-04
    plugin id89651
    published2016-03-04
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89651
    titleopenSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2016-294.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(89651);
      script_version("1.20");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2013-0166", "CVE-2013-0169", "CVE-2014-0076", "CVE-2014-0195", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-3470", "CVE-2014-3505", "CVE-2014-3506", "CVE-2014-3507", "CVE-2014-3508", "CVE-2014-3510", "CVE-2014-3566", "CVE-2014-3567", "CVE-2014-3568", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8275", "CVE-2015-0204", "CVE-2015-0209", "CVE-2015-0286", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0293", "CVE-2015-1788", "CVE-2015-1789", "CVE-2015-1790", "CVE-2015-1791", "CVE-2015-1792", "CVE-2015-3195", "CVE-2015-3197", "CVE-2016-0797", "CVE-2016-0799", "CVE-2016-0800");
    
      script_name(english:"openSUSE Security Update : libopenssl0_9_8 (openSUSE-2016-294) (DROWN) (FREAK) (POODLE)");
      script_summary(english:"Check for the openSUSE-2016-294 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for libopenssl0_9_8 fixes the following issues :
    
      - CVE-2016-0800 aka the 'DROWN' attack (bsc#968046):
        OpenSSL was vulnerable to a cross-protocol attack that
        could lead to decryption of TLS sessions by using a
        server supporting SSLv2 and EXPORT cipher suites as a
        Bleichenbacher RSA padding oracle.
    
        This update changes the openssl library to :
    
      - Disable SSLv2 protocol support by default.
    
        This can be overridden by setting the environment
        variable 'OPENSSL_ALLOW_SSL2' or by using
        SSL_CTX_clear_options using the SSL_OP_NO_SSLv2 flag.
    
        Note that various services and clients had already
        disabled SSL protocol 2 by default previously.
    
      - Disable all weak EXPORT ciphers by default. These can be
        reenabled if required by old legacy software using the
        environment variable 'OPENSSL_ALLOW_EXPORT'.
    
      - CVE-2016-0797 (bnc#968048): The BN_hex2bn() and
        BN_dec2bn() functions had a bug that could result in an
        attempt to de-reference a NULL pointer leading to
        crashes. This could have security consequences if these
        functions were ever called by user applications with
        large untrusted hex/decimal data. Also, internal usage
        of these functions in OpenSSL uses data from config
        files or application command line arguments. If user
        developed applications generated config file data based
        on untrusted data, then this could have had security
        consequences as well.
    
      - CVE-2016-0799 (bnc#968374) On many 64 bit systems, the
        internal fmtstr() and doapr_outch() functions could
        miscalculate the length of a string and attempt to
        access out-of-bounds memory locations. These problems
        could have enabled attacks where large amounts of
        untrusted data is passed to the BIO_*printf functions.
        If applications use these functions in this way then
        they could have been vulnerable. OpenSSL itself uses
        these functions when printing out human-readable dumps
        of ASN.1 data. Therefore applications that print this
        data could have been vulnerable if the data is from
        untrusted sources. OpenSSL command line applications
        could also have been vulnerable when they print out
        ASN.1 data, or if untrusted data is passed as command
        line arguments. Libssl is not considered directly
        vulnerable.
    
      - The package was updated to 0.9.8zh :
    
      - fixes many security vulnerabilities (not separately
        listed): CVE-2015-3195, CVE-2015-1788, CVE-2015-1789,
        CVE-2015-1790, CVE-2015-1792, CVE-2015-1791,
        CVE-2015-0286, CVE-2015-0287, CVE-2015-0289,
        CVE-2015-0293, CVE-2015-0209, CVE-2015-0288,
        CVE-2014-3571, CVE-2014-3569, CVE-2014-3572,
        CVE-2015-0204, CVE-2014-8275, CVE-2014-3570,
        CVE-2014-3567, CVE-2014-3568, CVE-2014-3566,
        CVE-2014-3510, CVE-2014-3507, CVE-2014-3506,
        CVE-2014-3505, CVE-2014-3508, CVE-2014-0224,
        CVE-2014-0221, CVE-2014-0195, CVE-2014-3470,
        CVE-2014-0076, CVE-2013-0169, CVE-2013-0166
    
      - avoid running OPENSSL_config twice. This avoids breaking
        engine loading. (boo#952871, boo#967787)
    
      - fix CVE-2015-3197 (boo#963415)
    
      - SSLv2 doesn't block disabled ciphers"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=952871"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963415"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=967787"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968046"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968048"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=968374"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libopenssl0_9_8 packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debuginfo-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libopenssl0_9_8-debugsource");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2016/03/03");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE13\.2|SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.2 / 42.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl0_9_8-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl0_9_8-debuginfo-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", reference:"libopenssl0_9_8-debugsource-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl0_9_8-32bit-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE13.2", cpu:"x86_64", reference:"libopenssl0_9_8-debuginfo-32bit-0.9.8zh-9.3.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libopenssl0_9_8-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libopenssl0_9_8-debuginfo-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", reference:"libopenssl0_9_8-debugsource-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libopenssl0_9_8-32bit-0.9.8zh-14.1") ) flag++;
    if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"libopenssl0_9_8-debuginfo-32bit-0.9.8zh-14.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libopenssl0_9_8 / libopenssl0_9_8-32bit / libopenssl0_9_8-debuginfo / etc");
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_10.NASL
    descriptionThe remote host is running a version of Mac OS X is prior to version 10.10. This update contains several security-related fixes for the following components : - 802.1X - AFP File Server - apache - App Sandbox - Bash - Bluetooth - Certificate Trust Policy - CFPreferences - CoreStorage - CUPS - Dock - fdesetup - iCloud Find My Mac - IOAcceleratorFamily - IOHIDFamily - IOKit - Kernel - LaunchServices - LoginWindow - Mail - MCX Desktop Config Profiles - NetFS Client Framework - QuickTime - Safari - Secure Transport - Security - Security - Code Signing Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id78550
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78550
    titleMac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2014-0032.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2014-3567 - memory leak when handling session tickets - fix CVE-2014-3513 - memory leak in srtp support - add support for fallback SCSV to partially mitigate (CVE-2014-3566) (padding attack on SSL3) - add ECC TLS extensions to DTLS (#1119800) - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3507 - avoid memory leak in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3509 - fix race condition when parsing server hello - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix CVE-2014-3511 - disallow protocol downgrade via fragmentation - fix CVE-2014-0224 fix that broke EAP-FAST session resumption support - drop EXPORT, RC2, and DES from the default cipher list (#1057520) - print ephemeral key size negotiated in TLS handshake (#1057715) - do not include ECC ciphersuites in SSLv2 client hello (#1090952) - properly detect encryption failure in BIO (#1100819) - fail on hmac integrity check if the .hmac file is empty (#1105567) - FIPS mode: make the limitations on DSA, DH, and RSA keygen length enforced only if OPENSSL_ENFORCE_MODULUS_BITS environment variable is set - fix CVE-2010-5298 - possible use of memory after free - fix CVE-2014-0195 - buffer overflow via invalid DTLS fragment - fix CVE-2014-0198 - possible NULL pointer dereference - fix CVE-2014-0221 - DoS from invalid DTLS handshake packet - fix CVE-2014-0224 - SSL/TLS MITM vulnerability - fix CVE-2014-3470 - client-side DoS when using anonymous ECDH - add back support for secp521r1 EC curve - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension - use 2048 bit RSA key in FIPS selftests - add DH_compute_key_padded needed for FIPS CAVS testing - make 3des strength to be 128 bits instead of 168 (#1056616) - FIPS mode: do not generate DSA keys and DH parameters < 2048 bits - FIPS mode: use approved RSA keygen (allows only 2048 and 3072 bit keys) - FIPS mode: add DH selftest - FIPS mode: reseed DRBG properly on RAND_add - FIPS mode: add RSA encrypt/decrypt selftest - FIPS mode: add hard limit for 2^32 GCM block encryptions with the same key - use the key length from configuration file if req -newkey rsa is invoked - fix CVE-2013-4353 - Invalid TLS handshake crash - fix CVE-2013-6450 - possible MiTM attack on DTLS1 - fix CVE-2013-6449 - crash when version in SSL structure is incorrect - add back some no-op symbols that were inadvertently dropped
    last seen2020-06-01
    modified2020-06-02
    plugin id79547
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79547
    titleOracleVM 3.3 : openssl (OVMSA-2014-0032) (Heartbleed) (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SERVER_4_1.NASL
    descriptionThe remote Mac OS X host has a version of OS X Server installed that is prior 4.1. It is, therefore, affected by vulnerabilities in the following components : - Dovecot - Firewall - Postfix - Wiki Server
    last seen2020-06-01
    modified2020-06-02
    plugin id83088
    published2015-04-28
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83088
    titleMac OS X : OS X Server < 4.1 Multiple Vulnerabilities (POODLE)
  • NASL familyWeb Servers
    NASL idTOMCAT_6_0_43.NASL
    descriptionAccording to its self-reported version number, the Apache Tomcat service listening on the remote host is 6.0.x prior to 6.0.43. It is, therefore, affected by the following vulnerabilities : - An error exists in the function
    last seen2020-03-18
    modified2015-03-05
    plugin id81649
    published2015-03-05
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81649
    titleApache Tomcat 6.0.x < 6.0.43 Multiple Vulnerabilities (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13069.NASL
    descriptionUpdate fixing three moderate security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-10-20
    plugin id78575
    published2014-10-20
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78575
    titleFedora 20 : openssl-1.0.1e-40.fc20 (2014-13069) (POODLE)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-1653.NASL
    descriptionUpdated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id78517
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78517
    titleCentOS 5 : openssl (CESA-2014:1653) (POODLE)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20141016_OPENSSL_ON_SL5_X.NASL
    descriptionThis update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see Upstream
    last seen2020-03-18
    modified2014-10-17
    plugin id78536
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78536
    titleScientific Linux Security Update : openssl on SL5.x i386/x86_64 (20141016) (POODLE)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_0DAD911460CC11E49E840022156E8794.NASL
    descriptionKohsuke Kawaguchi from Jenkins team reports : Historically, Jenkins master and slaves behaved as if they altogether form a single distributed process. This means a slave can ask a master to do just about anything within the confinement of the operating system, such as accessing files on the master or trigger other jobs on Jenkins. This has increasingly become problematic, as larger enterprise deployments have developed more sophisticated trust separation model, where the administators of a master might take slaves owned by other teams. In such an environment, slaves are less trusted than the master. Yet the
    last seen2020-06-01
    modified2020-06-02
    plugin id78815
    published2014-11-03
    reporterThis script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78815
    titleFreeBSD : jenkins -- slave-originated arbitrary code execution on master servers (0dad9114-60cc-11e4-9e84-0022156e8794)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1387-1.NASL
    descriptionThis OpenSSL update fixes the following issues : - Session Ticket Memory Leak (CVE-2014-3567) - Build option no-ssl3 is incomplete ((CVE-2014-3568) - Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-20
    plugin id83641
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83641
    titleSUSE SLES10 Security Update : OpenSSL (SUSE-SU-2014:1387-1) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1545.NASL
    descriptionUpdated node.js packages that fix one security issue are now available for Red Hat OpenShift Enterprise 2.1. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenShift Enterprise by Red Hat is the company
    last seen2020-06-12
    modified2018-12-04
    plugin id119358
    published2018-12-04
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119358
    titleRHEL 6 : node.js (RHSA-2015:1545) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0079.NASL
    descriptionUpdated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413) The CVE-2015-0383 issue was discovered by Red Hat. Note: With this update, the Oracle Java SE now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the Red Hat Bugzilla bug linked to in the References section for instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 75 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80931
    published2015-01-23
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80931
    titleRHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:0079) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-671.NASL
    descriptionopenSSL was updated to version 1.0.1j to fix four security issues and various other issues. These security issues were fixed : - Fix SRTP Memory Leak (CVE-2014-3513) - Session Ticket Memory Leak (CVE-2014-3567) - Add SSL 3.0 Fallback protection TLS_FALLBACK_SCSV (CVE-2014-3566) - Build option no-ssl3 is incomplete (CVE-2014-3568)
    last seen2020-06-05
    modified2014-11-17
    plugin id79269
    published2014-11-17
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79269
    titleopenSUSE Security Update : openssl (openSUSE-SU-2014:1426-1) (POODLE)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2014-288-01.NASL
    descriptionNew openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id78483
    published2014-10-16
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78483
    titleSlackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : openssl (SSA:2014-288-01) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1339.NASL
    descriptionThis update for monit fixes the following issues : - CVE-2016-7067: A malicious attacker could have used a cross-site request forgery vulnerability to trick an authenticated user to perform monit actions. Monit was updated to 5.20, containing all upstream improvements and bug fixes. The following tracked packaging bugs were fixed : - disable sslv3 according to RFC7568 (boo#974763) - fixed pid file directory (boo#971647)
    last seen2020-06-05
    modified2016-11-23
    plugin id95272
    published2016-11-23
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95272
    titleopenSUSE Security Update : monit (openSUSE-2016-1339) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_LIBOPENSSL-DEVEL-141024.NASL
    descriptionThis OpenSSL update fixes the following issues : - Session Ticket Memory Leak. (CVE-2014-3567) - Build option no-ssl3 is incomplete. (CVE-2014-3568) - Add support for TLS_FALLBACK_SCSV to mitigate CVE-2014-3566 (POODLE)
    last seen2020-06-05
    modified2014-11-06
    plugin id78886
    published2014-11-06
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78886
    titleSuSE 11.3 Security Update : OpenSSL (SAT Patch Number 9915)
  • NASL familyWeb Servers
    NASL idOPENSSL_0_9_8ZC.NASL
    descriptionAccording to its banner, the remote web server uses a version of OpenSSL 0.9.8 prior to 0.9.8zc. The OpenSSL library is, therefore, affected by the following vulnerabilities : - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78552
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78552
    titleOpenSSL 0.9.8 < 0.9.8zc Multiple Vulnerabilities (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1880.NASL
    descriptionUpdated java-1.7.1-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.7.1-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7R1 SR2 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79377
    published2014-11-21
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79377
    titleRHEL 6 / 7 : java-1.7.1-ibm (RHSA-2014:1880) (POODLE)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3144.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
    last seen2020-03-17
    modified2015-01-30
    plugin id81090
    published2015-01-30
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81090
    titleDebian DSA-3144-1 : openjdk-7 - security update (POODLE)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-471.NASL
    descriptionA flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412 , CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585 , CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383)
    last seen2020-06-01
    modified2020-06-02
    plugin id80921
    published2015-01-23
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80921
    titleAmazon Linux AMI : java-1.7.0-openjdk (ALAS-2015-471) (POODLE)
  • NASL familyMisc.
    NASL idVCENTER_OPERATIONS_MANAGER_VMSA_2015-0003-WIN.NASL
    descriptionThe version of VMware vCenter Operations Manager installed on the remote Windows host has a bundled version of the Java JRE prior to version 1.7.0_76-b13 (aka 7.0.760.13). It is, therefore, affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) Additionally, unspecified vulnerabilities also exist in the following bundled Java components : - 2D (CVE-2014-6585, CVE-2014-6591) - Deployment (CVE-2015-0403, CVE-2015-0406) - Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437) - Installation (CVE-2015-0421) - JAX-WS (CVE-2015-0412) - JSSE (CVE-2014-6593) - Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400) - RMI (CVE-2015-0408) - Security (CVE-2015-0410) - Serviceability (CVE-2015-0413) - Swing (CVE-2015-0407) VMware has released a patch that updates the JRE bundled with the appliance.
    last seen2020-06-01
    modified2020-06-02
    plugin id82707
    published2015-04-10
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82707
    titleVMware vCenter Operations Management Windows JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)
  • NASL familyMisc.
    NASL idVMWARE_WORKSPACE_PORTAL_VMSA2015-0003.NASL
    descriptionThe VMware Workspace Portal (formerly known as VMware Horizon Workspace) installed on the remote host is version 2.x prior to 2.1.1. It is, therefore, affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) Additionally, unspecified vulnerabilities also exist in the following bundled Java components : - 2D (CVE-2014-6585, CVE-2014-6591) - Deployment (CVE-2015-0403, CVE-2015-0406) - Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437) - Installation (CVE-2015-0421) - JAX-WS (CVE-2015-0412) - JSSE (CVE-2014-6593) - Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400) - RMI (CVE-2015-0408) - Security (CVE-2015-0410) - Serviceability (CVE-2015-0413) - Swing (CVE-2015-0407)
    last seen2020-06-01
    modified2020-06-02
    plugin id82742
    published2015-04-13
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82742
    titleVMware Workspace Portal Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73418.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84270
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84270
    titleAIX 7.1 TL 2 : nettcp (IV73418) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-14234.NASL
    description - SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014- 3566. - Several PGP/Core plugin improvements - A new version of the RSSyl plugin, completely redesigned and rewritten. - The results of TAB address completion in the Compose window have improved ordering. - Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0. - In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented. - In the Compose window, a mnemonic (s) has been added to the Subject line. - The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed. - When sorting messages by
    last seen2020-03-17
    modified2014-11-11
    plugin id79097
    published2014-11-11
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79097
    titleFedora 20 : claws-mail-3.11.1-2.fc20 / claws-mail-plugins-3.11.1-1.fc20 / libetpan-1.6-1.fc20 (2014-14234) (POODLE)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2014-0040.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - add support for fallback SCSV to partially mitigate (CVE-2014-3566) (padding attack on SSL3) - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt
    last seen2020-06-01
    modified2020-06-02
    plugin id79555
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79555
    titleOracleVM 2.2 : openssl (OVMSA-2014-0040) (POODLE)
  • NASL familyCISCO
    NASL idCISCO-SA-20141015-POODLE-CUCM.NASL
    descriptionAccording to its self-reported version, the remote Cisco Unified Communications Manager (CUCM) device is affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id79218
    published2014-11-12
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79218
    titleCisco Unified Communications Manager SSLv3 Information Disclosure (cisco-sa-20141015-poodle) (POODLE)
  • NASL familyMisc.
    NASL idAPPLETV_7_0_1.NASL
    descriptionAccording to its banner, the remote Apple TV device is a version prior to 7.0.1. It is, therefore, affected by the following vulnerabilities : - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78871
    published2014-11-05
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78871
    titleApple TV < 7.0.1 Multiple Vulnerabilities (POODLE)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2487-1.NASL
    descriptionSeveral vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400, CVE-2015-0407) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6593) A vulnerability was discovered in the OpenJDK JRE related to integrity and availability. An attacker could exploit this to cause a denial of service. (CVE-2015-0383) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could this exploit to cause a denial of service. (CVE-2015-0410) A vulnerability was discovered in the OpenJDK JRE related to data integrity. (CVE-2015-0413). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id81045
    published2015-01-28
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81045
    titleUbuntu 14.04 LTS / 14.10 : openjdk-7 vulnerabilities (USN-2487-1) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0085.NASL
    descriptionUpdated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id81013
    published2015-01-27
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81013
    titleRHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2015:0085) (POODLE)
  • NASL familyMisc.
    NASL idVCENTER_OPERATIONS_MANAGER_VMSA_2015-0003-LINUX.NASL
    descriptionThe version of VMware vCenter Operations Manager installed on the remote Linux host has a bundled version of the Java JRE prior to version 1.7.0_76-b13 (aka 7.0.760.13). It is, therefore, affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) Additionally, unspecified vulnerabilities also exist in the following bundled Java components : - 2D (CVE-2014-6585, CVE-2014-6591) - Deployment (CVE-2015-0403, CVE-2015-0406) - Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437) - Installation (CVE-2015-0421) - JAX-WS (CVE-2015-0412) - JSSE (CVE-2014-6593) - Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400) - RMI (CVE-2015-0408) - Security (CVE-2015-0410) - Serviceability (CVE-2015-0413) - Swing (CVE-2015-0407) VMware has released a patch that updates the JRE bundled with the appliance.
    last seen2020-06-01
    modified2020-06-02
    plugin id82705
    published2015-04-10
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82705
    titleVMware vCenter Operations Management Linux JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20141016_OPENSSL_ON_SL6_X.NASL
    descriptionThis update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see Upstream
    last seen2020-03-18
    modified2014-10-17
    plugin id78537
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78537
    titleScientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20141016) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-9090.NASL
    descriptionUpdate to latest release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-10-16
    plugin id86409
    published2015-10-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86409
    titleFedora 21 : fossil-1.33-1.fc21 (2015-9090) (POODLE)
  • NASL familyMisc.
    NASL idVMWARE_VCENTER_VMSA-2015-0001.NASL
    descriptionThe VMware vCenter Server installed on the remote host is version 5.5 prior to Update 2d. It is, therefore, affected by multiple vulnerabilities in the included OpenSSL library : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. (CVE-2014-3513) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. Man-in-the-middle attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id81146
    published2015-02-03
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81146
    titleVMware Security Updates for vCenter Server (VMSA-2015-0001) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73416.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84268
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84268
    titleAIX 6.1 TL 8 : nettcp (IV73416) (POODLE)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3253.NASL
    descriptionPound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer (SSL) protocol. For Debian 7 (wheezy) this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default (CVE-2009-3555 ). TLS compression is disabled (CVE-2012-4929 ), although this is normally already disabled by the OpenSSL system library. Finally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566 ) entirely via the new
    last seen2020-06-01
    modified2020-06-02
    plugin id83306
    published2015-05-11
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83306
    titleDebian DSA-3253-1 : pound - security update (POODLE)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2014-0038.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - xend: disable sslv3 due to (CVE-2014-3566)
    last seen2020-06-01
    modified2020-06-02
    plugin id79553
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79553
    titleOracleVM 3.3 : xen (OVMSA-2014-0038) (POODLE)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_142824-24.NASL
    descriptionIndexing and Search Service 1u5-24.12700: core patch. Date this patch was last updated by Sun : Mar/24/15
    last seen2020-06-01
    modified2020-06-02
    plugin id107537
    published2018-03-12
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/107537
    titleSolaris 10 (sparc) : 142824-24 (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1546.NASL
    descriptionUpdated node.js packages that fix one security issue are now available for Red Hat OpenShift Enterprise 2.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. OpenShift Enterprise by Red Hat is the company
    last seen2020-06-12
    modified2018-12-04
    plugin id119359
    published2018-12-04
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119359
    titleRHEL 6 : node.js (RHSA-2015:1546) (POODLE)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2014-0037.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - disable sslv3 due to (CVE-2014-3566) - Allow to create more than 6 bonds Singed-off-by: Adnan Misherfi
    last seen2020-06-01
    modified2020-06-02
    plugin id79552
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79552
    titleOracleVM 3.2 : ovs-agent (OVMSA-2014-0037) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13794.NASL
    descriptionNew features : - Send list of compliance reasons on dbus - Added client-side support for --matches on the list command. Security : - 1153375: Support TLSv1.2 and v1.1 by default. (CVE-2014-3566) Bug fixes : - 1120772: Don
    last seen2020-03-17
    modified2014-11-07
    plugin id78906
    published2014-11-07
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78906
    titleFedora 19 : python-rhsm-1.13.6-1.fc19 (2014-13794)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2015-0068.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0068 for details.
    last seen2020-06-01
    modified2020-06-02
    plugin id84140
    published2015-06-12
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84140
    titleOracleVM 3.2 : xen (OVMSA-2015-0068) (POODLE) (Venom)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2285-1.NASL
    descriptionThis update provides apache2-mod_nss 1.0.14, which brings several fixes and enhancements : - Fix OpenSSL ciphers stopped parsing at +. (CVE-2016-3099) - Created valgrind suppression files to ease debugging. - Implement SSL_PPTYPE_FILTER to call executables to get the key password pins. - Improvements to migrate.pl. - Update default ciphers to something more modern and secure. - Check for host and netstat commands in gencert before trying to use them. - Add server support for DHE ciphers. - Extract SAN from server/client certificates into env - Fix memory leaks and other coding issues caught by clang analyzer. - Add support for Server Name Indication (SNI). - Add support for SNI for reverse proxy connections. - Add RenegBufferSize? option. - Add support for TLS Session Tickets (RFC 5077). - Fix logical AND support in OpenSSL cipher compatibility. - Correctly handle disabled ciphers. (CVE-2015-5244) - Implement a slew more OpenSSL cipher macros. - Fix a number of illegal memory accesses and memory leaks. - Support for SHA384 ciphers if they are available in NSS. - Add compatibility for mod_ssl-style cipher definitions. - Add TLSv1.2-specific ciphers. - Completely remove support for SSLv2. - Add support for sqlite NSS databases. - Compare subject CN and VS hostname during server start up. - Add support for enabling TLS v1.2. - Don
    last seen2020-06-01
    modified2020-06-02
    plugin id93457
    published2016-09-13
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93457
    titleSUSE SLES12 Security Update : apache2-mod_nss (SUSE-SU-2016:2285-1) (POODLE)
  • NASL familyWeb Servers
    NASL idWEBSPHERE_8_5_5_4.NASL
    descriptionThe IBM WebSphere Application Server running on the remote host is version 8.5 prior to Fix Pack 8.5.5.4. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that can allow remote code execution or denial of service. (CVE-2013-5704, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231 / PI22070) - An unspecified error exists related to HTTP headers that can allow information disclosure. (CVE-2014-3021 / PI08268) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id80398
    published2015-01-07
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80398
    titleIBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.4 Multiple Vulnerabilities (POODLE)
  • NASL familyCGI abuses
    NASL idSPLUNK_607.NASL
    descriptionAccording to its version number, the Splunk Enterprise hosted on the remote web server is 6.0.x prior to 6.0.7. It is, therefore, affected by the following vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A flaw exists in the included OpenSSL library due to handling session tickets that have not been properly verified for integrity. A remote attacker, by using a large number of invalid session tickets, can exploit this to cause a denial of service. (CVE-2014-3567) - A cross-site scripting flaw exists within the Dashboard due to improperly validating input. This allows a remote attacker, using a specially crafted request, to execute arbitrary script code in the user
    last seen2020-06-01
    modified2020-06-02
    plugin id79723
    published2014-12-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79723
    titleSplunk Enterprise 6.0.x < 6.0.7 Multiple Vulnerabilities (POODLE)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2509.NASL
    descriptionAccording to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.Security Fix(es):The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the
    last seen2020-05-08
    modified2019-12-04
    plugin id131662
    published2019-12-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131662
    titleEulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-2509)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201411-10.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201411-10 (Asterisk: Multiple Vulnerabilities) Multiple unspecified vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could exploit the vulnerabilities to cause a man in the middle attack or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id79418
    published2014-11-24
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79418
    titleGLSA-201411-10 : Asterisk: Multiple Vulnerabilities (POODLE)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0068.NASL
    descriptionFrom Red Hat Security Advisory 2015:0068 : Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80900
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80900
    titleOracle Linux 5 : java-1.7.0-openjdk (ELSA-2015-0068) (POODLE)
  • NASL familyMisc.
    NASL idVMWARE_VCENTER_VMSA-2015-0003.NASL
    descriptionThe VMware vCenter Server installed on the remote host is version 5.0 prior to 5.0u3d, 5.1 prior to 5.1u3a, 5.5 prior to 5.5u2e, or 6.0 prior to 6.0.0a. It is, therefore, affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE, related to the bundled JRE component. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. Additionally, multiple unspecified vulnerabilities also exist in the following bundled JRE components : - 2D (CVE-2014-6585, CVE-2014-6591) - Deployment (CVE-2015-0403, CVE-2015-0406) - Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437) - Installation (CVE-2015-0421) - JAX-WS (CVE-2015-0412) - JSSE (CVE-2014-6593) - Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400) - RMI (CVE-2015-0408) - Security (CVE-2015-0410) - Serviceability (CVE-2015-0413) - Swing (CVE-2015-0407)
    last seen2020-06-01
    modified2020-06-02
    plugin id83186
    published2015-05-01
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/83186
    titleVMware vCenter Server Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-15390.NASL
    descriptionThis release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3 by default for the most predominate uses of TLS in Node.js. It took longer than expected to get this release accomplished in a way that would provide appropriate default security settings, while minimizing the surface area for the behavior change we were introducing. It was also important that we validated that our changes were being applied in the variety of configurations we support in our APIs. With this release, we are confident that the only behavior change is that of the default allowed protocols do not include SSLv2 or SSLv3. Though you are still able to programatically consume those protocols if necessary. Included is the documentation that you can find at https://nodejs.org/api/tls.html#tls_protocol_support that describes how this works going forward for client and server implementations. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-12-15
    plugin id79897
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79897
    titleFedora 19 : libuv-0.10.29-1.fc19 / nodejs-0.10.33-1.fc19 (2014-15390) (POODLE)
  • NASL familyWindows
    NASL idSTUNNEL_5_06.NASL
    descriptionThe version of stunnel installed on the remote host is prior to version 5.06. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. (CVE-2014-3513) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78584
    published2014-10-20
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78584
    titlestunnel < 5.06 OpenSSL Multiple Vulnerabilities (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73419.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84271
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84271
    titleAIX 7.1 TL 3 : nettcp (IV73419) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-14217.NASL
    description - SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014- 3566. - Several PGP/Core plugin improvements - A new version of the RSSyl plugin, completely redesigned and rewritten. - The results of TAB address completion in the Compose window have improved ordering. - Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0. - In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented. - In the Compose window, a mnemonic (s) has been added to the Subject line. - The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed. - When sorting messages by
    last seen2020-03-17
    modified2014-11-11
    plugin id79096
    published2014-11-11
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79096
    titleFedora 21 : claws-mail-3.11.1-2.fc21 / claws-mail-plugins-3.11.1-1.fc21 / libetpan-1.6-1.fc21 (2014-14217) (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_CISCO_ANYCONNECT_3_1_5187.NASL
    descriptionThe remote host has a version of Cisco AnyConnect prior to 3.1(5187). It is, therefore, affected by an information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id78677
    published2014-10-24
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78677
    titleMac OS X : Cisco AnyConnect Secure Mobility Client < 3.1(5187) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73975.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84274
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84274
    titleAIX 7.1 TL 3 : nettcp (IV73975) (POODLE)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL10065173.NASL
    descriptionA BIG-IP virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) attack, despite the attacker not having gained access to the server
    last seen2020-03-17
    modified2019-02-26
    plugin id122432
    published2019-02-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122432
    titleF5 Networks BIG-IP : TMM TLS virtual server vulnerability (K10065173) (POODLE)
  • NASL familyMisc.
    NASL idVMWARE_ESXI_5_5_BUILD_2352327_REMOTE.NASL
    descriptionThe remote VMware ESXi host is version 5.5 prior to build 2352327. It is, therefore, affected by the following vulnerabilities : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. (CVE-2014-3513) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id81085
    published2015-01-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81085
    titleESXi 5.5 < Build 2352327 Multiple Vulnerabilities (remote check) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0264.NASL
    descriptionUpdated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Satellite 5.6. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5.6. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment. (CVE-2014-3065, CVE-2014-3068, CVE-2014-3566, CVE-2014-4209, CVE-2014-4218, CVE-2014-4219, CVE-2014-4227, CVE-2014-4244, CVE-2014-4252, CVE-2014-4262, CVE-2014-4263, CVE-2014-4265, CVE-2014-4288, CVE-2014-6457, CVE-2014-6458, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-8891, CVE-2014-8892, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412) The CVE-2014-4262 and CVE-2014-6512 issues were discovered by Florian Weimer of Red Hat Product Security. Users of Red Hat Satellite 5.6 are advised to upgrade to these updated packages, which contain the IBM Java SE 6 SR16-FP3 release. For this update to take effect, Red Hat Satellite must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id81505
    published2015-02-25
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81505
    titleRHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:0264) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0698.NASL
    descriptionUpdated rhevm-spice-client packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Virtualization Manager 3. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029, CVE-2014-8137, CVE-2011-4516, CVE-2011-4517, CVE-2008-3520, CVE-2008-3522) Red Hat would like to thank oCERT for reporting CVE-2014-8137, CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029, CVE-2011-4516, and CVE-2011-4517. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter of CVE-2014-8137 and CVE-2014-8138; and pyddeh as the original reporter of CVE-2014-8157 and CVE-2014-8158. The mingw-openssl and mingw-jasper packages have been upgraded to the latest upstream version, which provides a number of bug fixes and enhancements over the previous version. (BZ#1187585) This update also fixes the following bugs : * Previously, a guest system installed with tools incorrectly always started in full screen mode, even when the
    last seen2020-06-01
    modified2020-06-02
    plugin id81969
    published2015-03-20
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81969
    titleRHEL 6 : rhevm-spice-client (RHSA-2015:0698) (POODLE)
  • NASL familyWeb Servers
    NASL idOPENSSL_1_0_0O.NASL
    descriptionAccording to its banner, the remote web server uses a version of OpenSSL 1.0.0 prior to 1.0.0o. The OpenSSL library is, therefore, affected by the following vulnerabilities : - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78553
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78553
    titleOpenSSL 1.0.0 < 1.0.1o Multiple Vulnerabilities (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1652.NASL
    descriptionUpdated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. (CVE-2014-3513) A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. (CVE-2014-3567) All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id78532
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78532
    titleRHEL 6 / 7 : openssl (RHSA-2014:1652) (POODLE)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-252.NASL
    descriptionUpdated nss packages fix security vulnerabilities : In the QuickDER decoder in NSS before 3.17.3, ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data (CVE-2014-1569). This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV) in NSS, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0, mitigating CVE-2014-3566, also known as POODLE. SSL 3.0 support has also been disabled by default in this Firefox and Thunderbird update, further mitigating POODLE.
    last seen2020-06-01
    modified2020-06-02
    plugin id80041
    published2014-12-16
    reporterThis script is Copyright (C) 2014-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80041
    titleMandriva Linux Security Advisory : nss (MDVSA-2014:252)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-198.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in java-1.8.0-openjdk : Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions (CVE-2014-6601, CVE-2015-0437). Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-0412, CVE-2014-6549, CVE-2015-0408). A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions (CVE-2015-0395). A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded (CVE-2015-0410). A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack (CVE-2014-3566). Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled (CVE-2014-6593). An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions (CVE-2015-0407). A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions (CVE-2014-6587). Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory (CVE-2014-6585, CVE-2014-6591). Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack (CVE-2015-0383). The updated packages provides a solution for these security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id82684
    published2015-04-10
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82684
    titleMandriva Linux Security Advisory : java-1.8.0-openjdk (MDVSA-2015:198)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-91.NASL
    descriptionOpenJDK was updated to 2.5.4 - OpenJDK 7u75 to fix security issues and bugs : - Security fixes - S8046656: Update protocol support - S8047125, CVE-2015-0395: (ref) More phantom object references - S8047130: Fewer escapes from escape analysis - S8048035, CVE-2015-0400: Ensure proper proxy protocols - S8049253: Better GC validation - S8050807, CVE-2015-0383: Better performing performance data handling - S8054367, CVE-2015-0412: More references for endpoints - S8055304, CVE-2015-0407: More boxing for DirectoryComboBoxModel - S8055309, CVE-2015-0408: RMI needs better transportation considerations - S8055479: TLAB stability - S8055489, CVE-2014-6585: Better substitution formats - S8056264, CVE-2014-6587: Multicast support improvements - S8056276, CVE-2014-6591: Fontmanager feature improvements - S8057555, CVE-2014-6593: Less cryptic cipher suite management - S8058982, CVE-2014-6601: Better verification of an exceptional invokespecial - S8059485, CVE-2015-0410: Resolve parsing ambiguity - S8061210, CVE-2014-3566: Issues in TLS
    last seen2020-06-05
    modified2015-02-03
    plugin id81141
    published2015-02-03
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81141
    titleopenSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2015:0190-1) (POODLE)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-480.NASL
    descriptionA flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412 , CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585 , CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat.
    last seen2020-06-01
    modified2020-06-02
    plugin id81326
    published2015-02-13
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81326
    titleAmazon Linux AMI : java-1.6.0-openjdk (ALAS-2015-480) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2017-459.NASL
    descriptionThis update for slrn contains one security improvement : - CVE-2014-3566: Disable SSLv3 to prevent POODLE attack (boo#1031023) The version 1.0.3 also contains a number of display and message processing improvements.
    last seen2020-06-05
    modified2017-04-12
    plugin id99297
    published2017-04-12
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99297
    titleopenSUSE Security Update : slrn (openSUSE-2017-459) (POODLE)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_03175E62549411E49CC1BC5FF4FB5E7B.NASL
    descriptionThe OpenSSL Project reports : A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected. [CVE-2014-3513]. When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. [CVE-2014-3567]. OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade. Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE [CVE-2014-3566]. When OpenSSL is configured with
    last seen2020-06-01
    modified2020-06-02
    plugin id78495
    published2014-10-16
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78495
    titleFreeBSD : OpenSSL -- multiple vulnerabilities (03175e62-5494-11e4-9cc1-bc5ff4fb5e7b) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2329-1.NASL
    descriptionThis update provides apache2-mod_nss 1.0.14, which brings several fixes and enhancements : - SHA256 cipher names change spelling from *_sha256 to *_sha_256. - Drop mod_nss_migrate.pl and use upstream migrate script instead. - Check for Apache user owner/group read permissions of NSS database at startup. - Update default ciphers to something more modern and secure. - Check for host and netstat commands in gencert before trying to use them. - Don
    last seen2020-06-01
    modified2020-06-02
    plugin id93590
    published2016-09-19
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93590
    titleSUSE SLES11 Security Update : apache2-mod_nss (SUSE-SU-2016:2329-1) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_6_0-IBM-141119.NASL
    descriptionjava-1_6_0-ibm has been updated to version 1.6.0_sr16.2 to fix 18 security issues. These security issues has been fixed : - Unspecified vulnerability in Oracle Java SE 6u81. (CVE-2014-3065) - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the
    last seen2020-06-05
    modified2014-12-01
    plugin id79634
    published2014-12-01
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79634
    titleSuSE 11.3 Security Update : IBM Java (SAT Patch Number 9992)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_7_0-IBM-141121.NASL
    descriptionjava-1_7_0-ibm has been updated to version 1.7.0_sr7.2 to fix 21 security issues. These security issues have been fixed : - Unspecified vulnerability. (CVE-2014-3065) - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the
    last seen2020-06-05
    modified2014-12-01
    plugin id79635
    published2014-12-01
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79635
    titleSuSE 11.3 Security Update : IBM Java (SAT Patch Number 9999)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1541-1.NASL
    descriptionjava-1_6_0-ibm was updated to version 1.6.0_sr16.2 to fix 18 security issues. These security issues were fixed : - Unspecified vulnerability in Oracle Java SE 6u81 (CVE-2014-3065). - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the
    last seen2020-06-05
    modified2019-01-02
    plugin id119959
    published2019-01-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119959
    titleSUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2014:1541-1) (POODLE)
  • NASL familyWeb Servers
    NASL idTOMCAT_8_0_15.NASL
    descriptionAccording to its self-reported version number, the Apache Tomcat server listening on the remote host is 8.0.x prior to 8.0.15. It is, therefore, affected by the following vulnerabilities : - A memory double-free error exists in
    last seen2020-06-01
    modified2020-06-02
    plugin id81651
    published2015-03-05
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81651
    titleApache Tomcat 8.0.x < 8.0.15 Multiple Vulnerabilities (POODLE)
  • NASL familyWindows
    NASL idIBM_DOMINO_SWG21693142.NASL
    descriptionThe version of IBM Domino (formerly Lotus Domino) installed on the remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id90512
    published2016-04-14
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/90512
    titleIBM Domino SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73974.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84273
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84273
    titleAIX 7.1 TL 2 : nettcp (IV73974) (POODLE)
  • NASL familyWindows
    NASL idSMB_KB3009008.NASL
    descriptionThe remote host is missing one of the workarounds referenced in the Microsoft Security Advisory 3009008. If the client registry key workaround has not been applied, any client software installed on the remote host (including IE) is affected by an information disclosure vulnerability when using SSL 3.0. If the server registry key workaround has not been applied, any server software installed on the remote host (including IIS) is affected by an information disclosure vulnerability when using SSL 3.0. SSL 3.0 uses nondeterministic CBC padding, which allows a man-in-the-middle attacker to decrypt portions of encrypted traffic using a
    last seen2020-06-01
    modified2020-06-02
    plugin id78447
    published2014-10-15
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78447
    titleMS KB3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure (POODLE)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0068.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80869
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80869
    titleCentOS 5 : java-1.7.0-openjdk (CESA-2015:0068) (POODLE)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_OPENSSL_20141104.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message. (CVE-2014-3513) - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the
    last seen2020-06-01
    modified2020-06-02
    plugin id80725
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80725
    titleOracle Solaris Third-Party Patch Update : openssl (multiple_vulnerabilities_in_openssl6) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-1457-1.NASL
    description - Previous versions of cyrus-imapd would not allow its users to disable old protocols like SSLv1 and SSLv2 that are unsafe due to various known attacks like BEAST and POODLE. https://bugzilla.cyrusimap.org/show_bug.cgi?id=3867 remedies this issue by adding the configuration option
    last seen2020-06-01
    modified2020-06-02
    plugin id91650
    published2016-06-17
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91650
    titleSUSE SLES12 Security Update : cyrus-imapd (SUSE-SU-2016:1457-1) (POODLE)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-400.NASL
    descriptionThis update fixes certain known vulnerabilities in pound in squeeze-lts by backporting the version in wheezy. CVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a
    last seen2020-03-17
    modified2016-01-25
    plugin id88107
    published2016-01-25
    reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88107
    titleDebian DLA-400-1 : pound security update (BEAST) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13777.NASL
    descriptionBackport various security fixes. Note they usually are extra options that need to be enabled manually so that we won
    last seen2020-03-17
    modified2014-11-12
    plugin id79192
    published2014-11-12
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79192
    titleFedora 20 : Pound-2.6-8.fc20 (2014-13777)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3147.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
    last seen2020-03-17
    modified2015-02-02
    plugin id81111
    published2015-02-02
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81111
    titleDebian DSA-3147-1 : openjdk-6 - security update (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_EVOLUTION-DATA-SERVER-141114.NASL
    descriptionevolution-data-server has been updated to disable support for SSLv3. This security issues has been fixed : - SSLv3 POODLE attack (CVE-2014-3566)
    last seen2020-06-05
    modified2014-11-28
    plugin id79618
    published2014-11-28
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79618
    titleSuSE 11.3 Security Update : evolution-data-server (SAT Patch Number 9969)
  • NASL familyMisc.
    NASL idASTERISK_AST_2014_011.NASL
    descriptionAccording to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by an error related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78623
    published2014-10-22
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78623
    titleAsterisk Information Disclosure (AST-2014-011) (POODLE)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3489.NASL
    descriptionlighttpd, a small webserver, is vulnerable to the POODLE attack via the use of SSLv3. This protocol is now disabled by default.
    last seen2020-06-01
    modified2020-06-02
    plugin id88941
    published2016-02-25
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/88941
    titleDebian DSA-3489-1 : lighttpd - security update (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SERVER_2_2_5.NASL
    descriptionThe remote Mac OS X 10.8 host has a version of OS X Server installed that is prior to version 2.2.5. It is, therefore, affected by an information disclosure vulnerability. An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78599
    published2014-10-21
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78599
    titleMac OS X : OS X Server < 2.2.5 SSLv3 Information Disclosure (POODLE)
  • NASL familyMisc.
    NASL idXEROX_XRX15AJ.NASL
    descriptionAccording to its model number and software version, the remote Xerox WorkCentre 3550 device is affected by multiple OpenSSL vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)
    last seen2020-06-01
    modified2020-06-02
    plugin id87323
    published2015-12-11
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87323
    titleXerox WorkCentre 3550 OpenSSL Multiple Vulnerabilities (XRX15AJ) (FREAK) (POODLE)
  • NASL familyWeb Servers
    NASL idOPENSSL_1_0_1J.NASL
    descriptionAccording to its banner, the remote web server uses a version of OpenSSL 1.0.1 prior to 1.0.1j. The OpenSSL library is, therefore, affected by the following vulnerabilities : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. (CVE-2014-3513) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78554
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78554
    titleOpenSSL 1.0.1 < 1.0.1j Multiple Vulnerabilities (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SERVER_4_0.NASL
    descriptionThe remote Mac OS X host has a version of OS X Server installed that is prior to version 4.0. It is, therefore, affected by the following vulnerabilities : - There are multiple vulnerabilities within the included BIND, the most serious of which can lead to a denial of service. (CVE-2013-3919, CVE-2013-4854, CVE-2014-0591) - There are multiple vulnerabilities within the included LibYAML for the Profile Manager and ServerRuby, the most serious of which can lead to arbitrary code execution. (CVE-2013-4164, CVE-2013-6393) - There are multiple vulnerabilities within the included PostgreSQL, the most serious of which can lead to arbitrary code execution. (CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78601
    published2014-10-21
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78601
    titleMac OS X : OS X Server < 4.0 Multiple Vulnerabilities (POODLE)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_384FC0B2014411E58FDA002590263BF5.NASL
    descriptionMickael Guessant reports : DavMail 4.6.0 released Enhancements: Fix potential CVE-2014-3566 vulnerability.
    last seen2020-06-01
    modified2020-06-02
    plugin id83794
    published2015-05-26
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83794
    titleFreeBSD : davmail -- fix potential CVE-2014-3566 vulnerability (POODLE) (384fc0b2-0144-11e5-8fda-002590263bf5) (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2015-001.NASL
    descriptionThe remote host is running a version of Mac OS X 10.8 or 10.9 that does not have Security Update 2015-001 applied. This update contains several security-related fixes for the following components : - AFP Server - Bluetooth - CoreGraphics - CoreSymbolication - FontParser - Foundation - Intel Graphics Driver - IOAcceleratorFamily - IOHIDFamily - Kernel - LaunchServices - libnetcore - LoginWindow - lukemftp - OpenSSL - Sandbox - SceneKit - Security - security_taskgate - Spotlight - sysmond Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id81088
    published2015-01-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81088
    titleMac OS X Multiple Vulnerabilities (Security Update 2015-001) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1512-1.NASL
    descriptioncompat-openssl098 was updated to fix three security issues. NOTE: this update alone DOESN
    last seen2020-06-05
    modified2015-05-20
    plugin id83647
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83647
    titleSUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2014:1512-1) (POODLE)
  • NASL familyWeb Servers
    NASL idGLASSFISH_CPU_APR_2015.NASL
    descriptionThe version of GlassFish Server running on the remote host is affected by multiple vulnerabilities : - A flaw exists in the bundled cURL and libcurl packages. The certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) is disabled when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled. This allows a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. (CVE-2013-4545) - A flaw exists in the bundled Network Security Services (NSS) library due to improper parsing of ASN.1 values in X.509 certificates. This allows a man-in-the-middle attacker to spoof RSA signatures via a crafted certificate. (CVE-2014-1568) - A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)
    last seen2020-06-01
    modified2020-06-02
    plugin id82902
    published2015-04-20
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82902
    titleOracle GlassFish Server Multiple Vulnerabilities (April 2015 CPU) (POODLE)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0069.NASL
    descriptionUpdated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-6601, CVE-2015-0437) Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2014-6549, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80870
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80870
    titleCentOS 6 : java-1.8.0-openjdk (CESA-2015:0069) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1877.NASL
    descriptionUpdated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-4288, CVE-2014-6457, CVE-2014-6458, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR16-FP2 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79352
    published2014-11-20
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79352
    titleRHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:1877) (POODLE)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-1948.NASL
    descriptionUpdated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 The nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2.3, which provides a number of bug fixes and enhancements over the previous version, and adds the support for Mozilla Firefox 31.3. (BZ#1158159, BZ#1165003, BZ#1165525) Users of nss, nss-util, and nss-softokn are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue, fix these bugs, and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79695
    published2014-12-04
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79695
    titleCentOS 5 / 6 / 7 : nss (CESA-2014:1948) (POODLE)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_76C7A0F5592811E4ADC7001999F8D30B.NASL
    descriptionThe Asterisk project reports : The POODLE vulnerability is described under CVE-2014-3566. This advisory describes the Asterisk
    last seen2020-06-01
    modified2020-06-02
    plugin id78611
    published2014-10-22
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78611
    titleFreeBSD : asterisk -- Asterisk Susceptibility to POODLE Vulnerability (76c7a0f5-5928-11e4-adc7-001999f8d30b) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73973.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84272
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84272
    titleAIX 6.1 TL 8 : nettcp (IV73973) (POODLE)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0067.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80868
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80868
    titleCentOS 6 / 7 : java-1.7.0-openjdk (CESA-2015:0067) (POODLE)
  • NASL familyWindows
    NASL idVMWARE_VCENTER_CHARGEBACK_MANAGER_VMSA_2015_0003.NASL
    descriptionThe version of VMware vCenter Chargeback Manager installed on the remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) Additionally, unspecified vulnerabilities also exist in the following bundled Java components : - 2D (CVE-2014-6585, CVE-2014-6591) - Deployment (CVE-2015-0403, CVE-2015-0406) - Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437) - Installation (CVE-2015-0421) - JAX-WS (CVE-2015-0412) - JSSE (CVE-2014-6593) - Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400) - RMI (CVE-2015-0408) - Security (CVE-2015-0410) - Serviceability (CVE-2015-0413) - Swing (CVE-2015-0407)
    last seen2020-06-01
    modified2020-06-02
    plugin id82899
    published2015-04-20
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82899
    titleVMware vCenter Chargeback Manager Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0067.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80880
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80880
    titleRHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2015:0067) (POODLE)
  • NASL familyWindows
    NASL idSOLARWINDS_SRM_PROFILER_6_2_3.NASL
    descriptionThe version of SolarWinds Storage Resource Monitor (SRM) Profiler (formerly SolarWinds Storage Manager) running on the remote host is prior to 6.2.3. It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000) - Multiple SQL injection vulnerabilities exist due to a failure by various servlets to properly sanitize the user-supplied input to their parameters. An unauthenticated, remote attacker can exploit these vulnerabilities to inject or manipulate SQL queries against the back-end database, resulting in the disclosure or manipulation of arbitrary data (CVE-2016-4350). The following servlets are affected : - BackupAssociationServlet - BackupExceptionsServlet - BexDriveUsageSummaryServlet - DuplicateFilesServlet - FileActionAssignmentServlet - HostStorageServlet - NbuErrorMessageServlet - ProcessesServlet - QuantumMonitorServlet - ScriptServlet - UserDefinedFieldConfigServlet - WindowsEventLogsServlet - XiotechMonitorServlet - A SQL injection (SQLi) vulnerability exists in the RunScript.jsp script due to improper sanitization of user-supplied input before using it in SQL queries. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the disclosure and manipulation of arbitrary data. - A path traversal vulnerability exists due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to disclose sensitive information.
    last seen2020-06-01
    modified2020-06-02
    plugin id91123
    published2016-05-13
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91123
    titleSolarWinds Storage Resource Monitor Profiler < 6.2.3 Multiple Vulnerabilities (Logjam) (POODLE)
  • NASL familyWindows
    NASL idIBM_DOMINO_9_0_1_FP2.NASL
    descriptionThe version of IBM Domino (formerly Lotus Domino) installed on the remote host is 9.0.x prior to 9.0.1 Fix Pack 2 (FP2). It is, therefore, affected by the following vulnerabilities : - An unspecified error exists related to the TLS implementation and the IBM HTTP server that could allow certain error cases to cause 100% CPU utilization. Note this issue only affects Microsoft Windows hosts. (CVE-2014-0963) - Fixes in the Oracle Java CPU for April 2014 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release. (CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428) - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)
    last seen2020-06-01
    modified2020-06-02
    plugin id77811
    published2014-09-23
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/77811
    titleIBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201606-11.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201606-11 (claws-mail: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in claws-mail. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly intercept communications due to the default implementation of SSL 3.0. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id91842
    published2016-06-27
    reporterThis script is Copyright (C) 2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/91842
    titleGLSA-201606-11 : claws-mail: Multiple Vulnerabilities (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0069.NASL
    descriptionUpdated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-6601, CVE-2015-0437) Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2014-6549, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80882
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80882
    titleRHEL 6 : java-1.8.0-openjdk (RHSA-2015:0069) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73324.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84267
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84267
    titleAIX 6.1 TL 9 : nettcp (IV73324) (POODLE)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2014-426.NASL
    descriptionBodo Moller, Thai Duong and Krzysztof Kotowicz of Google discovered a flaw in the design of SSL version 3.0 that would allow an attacker to calculate the plaintext of secure connections, allowing, for example, secure HTTP cookies to be stolen. http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exp loiting-ssl-30.html https://www.openssl.org/~bodo/ssl-poodle.pdf Special notes : We have backfilled our 2014.03, 2013.09, and 2013.03 Amazon Linux AMI repositories with updated openssl packages that fix CVE-2014-3566 . For 2014.09 Amazon Linux AMIs,
    last seen2020-06-01
    modified2020-06-02
    plugin id78484
    published2014-10-16
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78484
    titleAmazon Linux AMI : openssl (ALAS-2014-426) (POODLE)
  • NASL familyWindows
    NASL idCISCO_ANYCONNECT_3_1_5187.NASL
    descriptionThe remote host has a version of Cisco AnyConnect prior to 3.1(5187). It is, therefore, affected by an information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id78676
    published2014-10-24
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78676
    titleCisco AnyConnect Secure Mobility Client < 3.1(5187) (POODLE)
  • NASL familyCISCO
    NASL idCISCO-SA-20141015-POODLE-ASA.NASL
    descriptionThe remote Cisco ASA device is affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. Note that all versions of ASA are affected; however, the workaround does not work for versions 8.0.x, 8.1.x, 9.0.x, and 9.1(1)x. Please refer to the advisory or contact the vendor for possible solutions.
    last seen2019-10-28
    modified2014-10-30
    plugin id78750
    published2014-10-30
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78750
    titleSSLv3 Padding Oracle On Downgraded Legacy Encryption in Cisco ASA Software (cisco-sa-20141015-poodle) (POODLE)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150121_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL
    descriptionA flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-01-22
    plugin id80903
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80903
    titleScientific Linux Security Update : java-1.7.0-openjdk on SL6.x, SL7.x i386/x86_64 (20150121) (POODLE)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-0085.NASL
    descriptionUpdated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id81005
    published2015-01-27
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81005
    titleCentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2015:0085) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0068.NASL
    descriptionUpdated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80881
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80881
    titleRHEL 5 : java-1.7.0-openjdk (RHSA-2015:0068) (POODLE)
  • NASL familyMisc.
    NASL idORACLE_SECURE_GLOBAL_DESKTOP_JAN_2015_CPU.NASL
    descriptionThe remote host has a version of Oracle Secure Global Desktop that is version 4.63, 4.71, 5.0 or 5.1. It is, therefore, affected by multiple vulnerabilities in the following components : - Apache HTTP Server - Client - Gateway JARP module - Gateway Reverse Proxy - OpenSSL - Print Servlet (only in 5.0 / 5.1) - SGD SSL Daemon (ttassl) - Web Server
    last seen2020-06-01
    modified2020-06-02
    plugin id80912
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80912
    titleOracle Secure Global Desktop Multiple Vulnerabilities (January 2015 CPU) (POODLE)
  • NASL familyWeb Servers
    NASL idWEBSPHERE_8_0_0_10.NASL
    descriptionThe remote host is running IBM WebSphere Application Server version 8.0 prior to Fix Pack 10. It is, therefore, affected by the following vulnerabilities : - Multiple errors exist related to the included IBM HTTP server that can allow remote code execution or denial of service. (CVE-2013-5704, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231 / PI22070) - An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the
    last seen2020-06-01
    modified2020-06-02
    plugin id81401
    published2015-02-18
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81401
    titleIBM WebSphere Application Server 8.0 < Fix Pack 10 Multiple Vulnerabilities (POODLE)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2018-0248.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2018-0248 for details.
    last seen2020-06-01
    modified2020-06-02
    plugin id111992
    published2018-08-20
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/111992
    titleOracleVM 3.4 : xen (OVMSA-2018-0248) (Bunker Buster) (Foreshadow) (Meltdown) (POODLE) (Spectre)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-472.NASL
    descriptionMultiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-6601 , CVE-2015-0437) Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412 , CVE-2014-6549 , CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585 , CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383)
    last seen2020-06-01
    modified2020-06-02
    plugin id80922
    published2015-01-23
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80922
    titleAmazon Linux AMI : java-1.8.0-openjdk (ALAS-2015-472) (POODLE)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0069.NASL
    descriptionFrom Red Hat Security Advisory 2015:0069 : Updated java-1.8.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-6601, CVE-2015-0437) Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2014-6549, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.8.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80901
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80901
    titleOracle Linux 6 : java-1.8.0-openjdk (ELSA-2015-0069) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_SUSEREGISTER-141121.NASL
    descriptionsuseRegister was updated to fix one security issue : - POODLE: Ensure that only TLS is used. (CVE-2014-3566)
    last seen2020-06-05
    modified2015-01-06
    plugin id80390
    published2015-01-06
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80390
    titleSuSE 11.3 Security Update : suseRegister (SAT Patch Number 10008)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-9110.NASL
    descriptionUpdate to latest release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-10-16
    plugin id86410
    published2015-10-16
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86410
    titleFedora 22 : fossil-1.33-1.fc22 (2015-9110) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73976.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84275
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84275
    titleAIX 6.1 TL 9 : nettcp (IV73976) (POODLE)
  • NASL familyMisc.
    NASL idXEROX_XRX15AM.NASL
    descriptionAccording to its model number and software version, the remote Xerox WorkCentre 3025 / 3215 / 3225 device is affected by multiple OpenSSL vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)
    last seen2020-06-01
    modified2020-06-02
    plugin id87324
    published2015-12-11
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87324
    titleXerox WorkCentre 3025 / 3215 / 3225 OpenSSL Multiple Vulnerabilities (XRX15AM) (FREAK) (POODLE)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150121_JAVA_1_7_0_OPENJDK_ON_SL5_X.NASL
    descriptionA flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-01-22
    plugin id80902
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80902
    titleScientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20150121) (POODLE)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-81.NASL
    descriptionSeveral vulnerabilities have been found in OpenSSL. CVE-2014-3566 (
    last seen2020-03-17
    modified2015-03-26
    plugin id82226
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82226
    titleDebian DLA-81-1 : openssl security update
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-605.NASL
    descriptionThe following issues were fixed in this release : CVE-2014-3566: SSLv3 POODLE attack (bnc#901223) CVE-2014-3513, CVE-2014-3567: DTLS memory leak and session ticket memory leak
    last seen2020-06-05
    modified2014-10-30
    plugin id78733
    published2014-10-30
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78733
    titleopenSUSE Security Update : openssl (openSUSE-SU-2014:1331-1) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13764.NASL
    descriptionBackport various security fixes. Note they usually are extra options that need to be enabled manually so that we won
    last seen2020-03-17
    modified2014-11-07
    plugin id78902
    published2014-11-07
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78902
    titleFedora 19 : Pound-2.6-8.fc19 (2014-13764)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-1652.NASL
    descriptionFrom Red Hat Security Advisory 2014:1652 : Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. (CVE-2014-3513) A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. (CVE-2014-3567) All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id78529
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78529
    titleOracle Linux 6 / 7 : openssl (ELSA-2014-1652) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1876.NASL
    descriptionUpdated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR8 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79351
    published2014-11-20
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79351
    titleRHEL 5 : java-1.7.0-ibm (RHSA-2014:1876) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0080.NASL
    descriptionUpdated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2014-3566, CVE-2014-6549, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412, CVE-2015-0413, CVE-2015-0421, CVE-2015-0437) The CVE-2015-0383 issue was discovered by Red Hat. Note: With this update, the Oracle Java SE now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the Red Hat Bugzilla bug linked to in the References section for instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.8.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 8 Update 31 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80932
    published2015-01-23
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80932
    titleRHEL 6 : java-1.8.0-oracle (RHSA-2015:0080) (POODLE)
  • NASL familyWindows
    NASL idSOLARWINDS_DAMEWARE_MINI_REMOTE_CONTROL_V12_0_HOTFIX_2.NASL
    descriptionThe remote host is running a version of SolarWinds DameWare Mini Remote Control prior to 12.0 Hotfix 2. It is, therefore, affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id86995
    published2015-11-20
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/86995
    titleSolarWinds DameWare Mini Remote Control < 12.0 Hotfix 2 SSLv3 Padding Oracle On Downgraded Legacy Encryption (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1948.NASL
    descriptionUpdated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 The nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2.3, which provides a number of bug fixes and enhancements over the previous version, and adds the support for Mozilla Firefox 31.3. (BZ#1158159, BZ#1165003, BZ#1165525) Users of nss, nss-util, and nss-softokn are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue, fix these bugs, and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79685
    published2014-12-03
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79685
    titleRHEL 5 / 6 / 7 : nss, nss-util, and nss-softokn (RHSA-2014:1948) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-15379.NASL
    descriptionThis release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3 by default for the most predominate uses of TLS in Node.js. It took longer than expected to get this release accomplished in a way that would provide appropriate default security settings, while minimizing the surface area for the behavior change we were introducing. It was also important that we validated that our changes were being applied in the variety of configurations we support in our APIs. With this release, we are confident that the only behavior change is that of the default allowed protocols do not include SSLv2 or SSLv3. Though you are still able to programatically consume those protocols if necessary. Included is the documentation that you can find at https://nodejs.org/api/tls.html#tls_protocol_support that describes how this works going forward for client and server implementations. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-12-15
    plugin id79896
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79896
    titleFedora 20 : libuv-0.10.29-1.fc20 / nodejs-0.10.33-1.fc20 (2014-15379) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-17587.NASL
    description - Synced with native openssl-1.0.1j-3.fc22\r\n* Add support for RFC 5649\r\n* Prevent compiler warning
    last seen2020-03-17
    modified2015-01-02
    plugin id80322
    published2015-01-02
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80322
    titleFedora 20 : mingw-openssl-1.0.1j-1.fc20 (2014-17587) (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_10_2.NASL
    descriptionThe remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components : - bash - Bluetooth - CFNetwork Cache - CommerceKit Framework - CoreGraphics - CoreSymbolication - CPU Software - FontParser - Foundation - Intel Graphics Driver - IOAcceleratorFamily - IOHIDFamily - IOKit - IOUSBFamily - Kernel - LaunchServices - libnetcore - LoginWindow - lukemftp - OpenSSL - Safari - SceneKit - Security - security_taskgate - Spotlight - SpotlightIndex - sysmond - UserAccountUpdater Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id81087
    published2015-01-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81087
    titleMac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)
  • NASL familyCGI abuses
    NASL idHP_SITESCOPE_HPSBMU03184.NASL
    descriptionThe version of HP SiteScope installed on the remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id79719
    published2014-12-04
    reporterThis script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79719
    titleHP SiteScope SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)
  • NASL familyWeb Servers
    NASL idSPLUNK_5011.NASL
    descriptionAccording to its version number, the Splunk Enterprise hosted on the remote web server is 5.0.x prior to 5.0.11. It is, therefore, affected by the following vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A flaw exists in the included OpenSSL library due to handling session tickets that have not been properly verified for integrity. A remote attacker, by using a large number of invalid session tickets, can exploit this to cause a denial of service. (CVE-2014-3567) Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id79721
    published2014-12-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79721
    titleSplunk Enterprise 5.0.x < 5.0.11 Multiple Vulnerabilities (POODLE)
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2015-0001.NASL
    descriptiona. VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability VMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host. The vulnerability does not allow for privilege escalation from the guest Operating System to the host or vice-versa. This means that host memory can not be manipulated from the Guest Operating System. Mitigation For ESXi to be affected, permissions must have been added to ESXi (or a vCenter Server managing it) for a virtual machine administrator role or greater. VMware would like to thank Shanon Olsson for reporting this issue to us through JPCERT. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2014-8370 to this issue. b. VMware Workstation, Player, and Fusion Denial of Service vulnerability VMware Workstation, Player, and Fusion contain an input validation issue in the Host Guest File System (HGFS). This issue may allow for a Denial of Service of the Guest Operating system. VMware would like to thank Peter Kamensky from Digital Security for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-1043 to this issue. c. VMware ESXi, Workstation, and Player Denial of Service vulnerability VMware ESXi, Workstation, and Player contain an input validation issue in VMware Authorization process (vmware-authd). This issue may allow for a Denial of Service of the host. On VMware ESXi and on Workstation running on Linux the Denial of Service would be partial. VMware would like to thank Dmitry Yudin @ret5et for reporting this issue to us through HP
    last seen2020-06-01
    modified2020-06-02
    plugin id81079
    published2015-01-29
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81079
    titleVMSA-2015-0001 : VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1692.NASL
    descriptionUpdated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue and fix two security issues are now available for Red Hat Storage 2.1. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. (CVE-2014-3513) A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. (CVE-2014-3567) All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id79060
    published2014-11-08
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79060
    titleRHEL 6 : Storage Server (RHSA-2014:1692) (POODLE)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150121_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
    descriptionMultiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-6601, CVE-2015-0437) Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2014-6549, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-01-22
    plugin id80904
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80904
    titleScientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20150121) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1881.NASL
    descriptionUpdated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-6457, CVE-2014-6502, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6531, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR16-FP8 release. All running instances of IBM Java must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79378
    published2014-11-21
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79378
    titleRHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:1881) (POODLE)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0085.NASL
    descriptionFrom Red Hat Security Advisory 2015:0085 : Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id81011
    published2015-01-27
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81011
    titleOracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2015-0085) (POODLE)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-033.NASL
    descriptionUpdated java-1.7.0 packages fix security vulnerabilities : A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions (CVE-2014-6601). Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-0412, CVE-2015-0408). A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions (CVE-2015-0395). A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded (CVE-2015-0410). It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled (CVE-2014-6593). An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions (CVE-2015-0407). A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions (CVE-2014-6587). Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory (CVE-2014-6585, CVE-2014-6591). Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack (CVE-2015-0383). Note: This update disables SSL 3.0 by default to mitigate the POODLE issue, also known as CVE-2014-3566. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id81233
    published2015-02-09
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81233
    titleMandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2015:033)
  • NASL familyWindows
    NASL idVMWARE_HORIZON_VIEW_VMSA-2015-0003.NASL
    descriptionThe VMware Horizon View installed on the remote Windows host is version 5.x prior to 5.3.4 or version 6.x prior to 6.1. It is, therefore, affected by the following vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - An XML external entity (XXE) injection vulnerability exists in the included Flex BlazeDS component due to an incorrect configuration of the XML parser that allows external XML entities to be accepted from untrusted sources. An unauthenticated, remote attacker can exploit this vulnerability, via a via a crafted AMF message, to gain access to sensitive information. (CVE-2015-3269) - A flaw exists in the bundled Adobe ColdFusion and LiveCycle Data Services components related to request handling between a user and the server. A remote attacker can exploit this, via a specially crafted request, to bypass access restrictions (e.g. host or network ACLs), conduct port scanning of internal networks, enumerate internal hosts, or possibly invoke additional protocols (e.g. Gopher, TFTP). (CVE-2015-5255) Additionally, unspecified vulnerabilities also exist in the following bundled Java components : - 2D (CVE-2014-6585, CVE-2014-6591) - Deployment (CVE-2015-0403, CVE-2015-0406) - Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437) - Installation (CVE-2015-0421) - JAX-WS (CVE-2015-0412) - JSSE (CVE-2014-6593) - Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400) - RMI (CVE-2015-0408) - Security (CVE-2015-0410) - Serviceability (CVE-2015-0413) - Swing (CVE-2015-0407)
    last seen2020-06-01
    modified2020-06-02
    plugin id82741
    published2015-04-13
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82741
    titleVMware Horizon View Multiple Vulnerabilities (VMSA-2015-0003) (VMSA-2015-0008) (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-0086.NASL
    descriptionUpdated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412) The CVE-2015-0383 issue was discovered by Red Hat. Note: With this update, the Oracle Java SE now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the Red Hat Bugzilla bug linked to in the References section for instructions on how to re-enable SSL 3.0 support if needed. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 91 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id81014
    published2015-01-27
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81014
    titleRHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:0086) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_JAVA_FEB2015_ADVISORY.NASL
    descriptionThe version of Java SDK installed on the remote host is affected by the following vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - Information disclosure flaws exist in the font parsing code in the 2D component in OpenJDK. A specially crafted font file can exploit boundary check flaws and allow an untrusted Java applet or application to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) - A NULL pointer dereference flaw exists in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java applet or application can use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) - The SSL/TLS implementation in the JSSE component in OpenJDK fails to properly check whether the ChangeCipherSpec was received during a SSL/TLS connection handshake. An MitM attacker can use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) - An unspecified privilege escalation vulnerability exists in IBM Java Virtual Machine. (CVE-2014-8891) - An unspecified information disclosure vulnerability exists in the Libraries component of Oracle Java SE. (CVE-2015-0400) - An unspecified information disclosure vulnerability exists in the Deployment component of Oracle Java SE. (CVE-2015-0403) - Unspecified denial of service and information disclosure vulnerabilities exist in the Deployment component of Oracle Java SE. (CVE-2015-0406) - An information disclosure vulnerability exists in the Swing component in OpenJDK. An untrusted Java applet or application can use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) - Multiple improper permission check vulnerabilities exist in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java applet or application can use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2014-6549, CVE-2015-0408) - A denial of service vulnerability exists in the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK when handling negative length values. A specially crafted, DER-encoded input can cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410)
    last seen2020-06-01
    modified2020-06-02
    plugin id81491
    published2015-02-24
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81491
    titleAIX Java Advisory : java_feb2015_advisory.asc (POODLE)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-218.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in asterisk : Remote crash when handling out of call message in certain dialplan configurations (CVE-2014-6610). Asterisk Susceptibility to POODLE Vulnerability (CVE-2014-3566). Mixed IP address families in access control lists may permit unwanted traffic. High call load may result in hung channels in ConfBridge. Permission escalation through ConfBridge actions/dialplan functions. The updated packages has been upgraded to the 11.14.1 version which is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id79405
    published2014-11-24
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79405
    titleMandriva Linux Security Advisory : asterisk (MDVSA-2014:218)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-14237.NASL
    description - SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014- 3566. - Several PGP/Core plugin improvements - A new version of the RSSyl plugin, completely redesigned and rewritten. - The results of TAB address completion in the Compose window have improved ordering. - Due to popular demand, use of the Up key in the message body in the Compose window stops at the top of the message body and does not continue up to the header fields. This reverts the behaviour introduced in version 3.10.0. - In the Compose window, when navigating with the arrow keys, selecting, and thus modifying, the Account selector is now prevented. - In the Compose window, a mnemonic (s) has been added to the Subject line. - The Queue folder is highlighted if there are messages in its sub-folders and the tree is collapsed. - When sorting messages by
    last seen2020-03-17
    modified2015-01-06
    plugin id80362
    published2015-01-06
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80362
    titleFedora 19 : claws-mail-3.11.1-2.fc19 / claws-mail-plugins-3.11.1-1.fc19 / libetpan-1.6-1.fc19 (2014-14237) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13012.NASL
    descriptionUpdate fixing three moderate security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-10-20
    plugin id78581
    published2014-10-20
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78581
    titleFedora 19 : openssl-1.0.1e-40.fc19 (2014-13012) (POODLE)
  • NASL familyWindows
    NASL idIBM_GPFS_ISG3T1021546_WINDOWS.NASL
    descriptionA version of IBM General Parallel File System (GPFS) 3.5.x prior to 3.5.0.21 is installed on the remote Windows host. It is, therefore, affected by the following OpenSSL related vulnerabilities : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. (CVE-2014-3513) - An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. Man-in-the-middle attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id80885
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80885
    titleIBM General Parallel File System Multiple Vulnerabilities (Windows) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_LIBWSMAN-DEVEL-141021.NASL
    descriptionThis update adds a configuration option to disable SSLv2 and SSLv3 in openwsman. This is required to mitigate CVE-2014-3566. To use the new option, edit /etc/openwsman/openwsman.conf and add the following line to the [server] section : ssl_disabled_protocols = SSLv2 SSLv3
    last seen2020-06-05
    modified2014-11-19
    plugin id79332
    published2014-11-19
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79332
    titleSuSE 11.3 Security Update : openwsman (SAT Patch Number 9902)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2014-429.NASL
    descriptionA flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id78559
    published2014-10-20
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78559
    titleAmazon Linux AMI : nss (ALAS-2014-429) (POODLE)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20141202_NSS__NSS_UTIL__AND_NSS_SOFTOKN_ON_SL5_X.NASL
    descriptionThis update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. The nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2.3, which provides a number of bug fixes and enhancements over the previous version, and adds the support for Mozilla Firefox 31.3. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen2020-03-18
    modified2014-12-04
    plugin id79713
    published2014-12-04
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79713
    titleScientific Linux Security Update : nss, nss-util, and nss-softokn on SL5.x, SL6.x, SL7.x i386/x86_64 (20141202) (POODLE)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1400.NASL
    descriptionAccording to the versions of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable
    last seen2020-06-01
    modified2020-06-02
    plugin id124903
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124903
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : openssl (EulerOS-SA-2019-1400)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an error state mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected. (CVE-2017-3737) - There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. (CVE-2017-3738) - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. (CVE-2017-3736) - OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition. (CVE-2006-2937) - OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) public exponent or (2) public modulus values in X.509 certificates that require extra time to process when using RSA signature verification. (CVE-2006-2940) - Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. (CVE-2006-3738) - OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. (CVE-2006-4339) - The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. (CVE-2006-4343) - The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys. (CVE-2007-3108) - Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. (CVE-2007-4995) - Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible. (CVE-2007-5135) - Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information. (CVE-2008-0891) - OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses particular cipher suites, which triggers a NULL pointer dereference. (CVE-2008-1672) - The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. (CVE-2009-1377) - Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. (CVE-2009-1378) - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. (CVE-2009-1379) - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post- renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue. (CVE-2009-3555) - Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_cleanup_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678. (CVE-2009-4355) - The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, and possibly execute arbitrary code, via unspecified vectors. (CVE-2010-0742) - RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requirements or obtain sensitive information via unspecified vectors. NOTE: some of these details are obtained from third party information. (CVE-2010-1633) - Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi- threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap- based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography. (CVE-2010-3864) - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. (CVE-2010-4180) - ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka OCSP stapling vulnerability. (CVE-2011-0014) - crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. (CVE-2011-3207) - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. (CVE-2012-0050) - The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service (memory corruption) or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an RSA public key. (CVE-2012-2110) - The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (CVE-2013-4353) - The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. (CVE-2013-6449) - The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (CVE-2013-6450) - An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) - A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127201
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127201
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0033)
  • NASL familyWeb Servers
    NASL idHPSMH_7_4_1.NASL
    descriptionAccording to the web server
    last seen2020-06-01
    modified2020-06-02
    plugin id85181
    published2015-08-03
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85181
    titleHP System Management Homepage < 7.2.5 / 7.4.1 Multiple Vulnerabilities (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13399.NASL
    description - Mon Oct 20 2014 Jeffrey C. Ollie <jeff at ocjtech.us> - 11.13.1-1 The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available security releases are released as versions 1.8.28-cert2, 11.6-cert7, 1.8.31.1, 11.13.1, 12.6.1, and 13.0.0-beta3. These releases are available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/releases The release of these versions resolves the following security vulnerability : - AST-2014-011: Asterisk Susceptibility to POODLE Vulnerability Asterisk is susceptible to the POODLE vulnerability in two ways: 1) The res_jabber and res_xmpp module both use SSLv3 exclusively for their encrypted connections. 2) The core TLS handling in Asterisk, which is used by the chan_sip channel driver, Asterisk Manager Interface (AMI), and Asterisk HTTP Server, by default allow a TLS connection to fallback to SSLv3. This allows for a MITM to potentially force a connection to fallback to SSLv3, exposing it to the POODLE vulnerability. These issues have been resolved in the versions released in conjunction with this security advisory. For more information about the details of this vulnerability, please read security advisory AST-2014-011, which was released at the same time as this announcement. For a full list of changes in the current releases, please see the ChangeLogs : http://downloads.asterisk.org/pub/telephony/certified-asterisk/release s/ChangeLog-1.8.28-cert2 http://downloads.asterisk.org/pub/telephony/certified-asterisk/release s/ChangeLog-11.6-cert7 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo g-1.8.31.1 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo g-11.13.1 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo g-12.6.1 http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo g-13.0.0-beta3 The security advisory is available at : - http://downloads.asterisk.org/pub/security/AST-2014-011. pdf - Mon Oct 20 2014 Jeffrey C. Ollie <jeff at ocjtech.us> - 11.13.0-1 The Asterisk Development Team has announced the release of Asterisk 11.13.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 11.13.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you! The following are the issues resolved in this release : Bugs fixed in this release : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-11-03
    plugin id78804
    published2014-11-03
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78804
    titleFedora 21 : asterisk-11.13.1-1.fc21 (2014-13399) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73417.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84269
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84269
    titleAIX 6.1 TL 9 : nettcp (IV73417) (POODLE)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-1653.NASL
    descriptionFrom Red Hat Security Advisory 2014:1653 : Updated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id78530
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78530
    titleOracle Linux 5 : openssl (ELSA-2014-1653) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-640.NASL
    descriptionClaws Mail was updated to version 3.11.0. Changes : + SSLv3 server connections are now disabled by default, in response to the POODLE vulnerability (CVE-2014-3566). + Several PGP/Core plugin improvements : - Indicate when a key has been revoked or has expired when displaying signature status. - When displaying the full information, show the Validity, and the Owner Trust level. Also indicate expired and revoked keys, and revoked UIDs. - The
    last seen2020-06-05
    modified2014-11-11
    plugin id79106
    published2014-11-11
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79106
    titleopenSUSE Security Update : claws-mail (openSUSE-SU-2014:1384-1) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-15411.NASL
    descriptionThis release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3 by default for the most predominate uses of TLS in Node.js. It took longer than expected to get this release accomplished in a way that would provide appropriate default security settings, while minimizing the surface area for the behavior change we were introducing. It was also important that we validated that our changes were being applied in the variety of configurations we support in our APIs. With this release, we are confident that the only behavior change is that of the default allowed protocols do not include SSLv2 or SSLv3. Though you are still able to programatically consume those protocols if necessary. Included is the documentation that you can find at https://nodejs.org/api/tls.html#tls_protocol_support that describes how this works going forward for client and server implementations. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-12-15
    plugin id79898
    published2014-12-15
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79898
    titleFedora 21 : libuv-0.10.29-1.fc21 / nodejs-0.10.33-1.fc21 (2014-15411) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV69768.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84264
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84264
    titleAIX 6.1 TL 8 : nettcp (IV69768) (POODLE)
  • NASL familyWindows
    NASL idIBM_RATIONAL_CLEARQUEST_8_0_1_6.NASL
    descriptionThe remote host has a version of IBM Rational ClearQuest 7.1.x prior to 7.1.2.16 / 8.0.0.x prior to 8.0.0.13 / 8.0.1.x prior to 8.0.1.6 installed. It is, therefore, potentially affected by multiple vulnerabilities in third party libraries : - An error exists in the libcURL and OpenSSL libraries related to an IP address that uses a wildcard in the subject
    last seen2020-06-01
    modified2020-06-02
    plugin id81784
    published2015-03-12
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81784
    titleIBM Rational ClearQuest 7.1.x < 7.1.2.16 / 8.0.0.x < 8.0.0.13 / 8.0.1.x < 8.0.1.6 Multiple Vulnerabilities (credentialed check) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_COMPAT-OPENSSL097G-141202.NASL
    descriptionThe SLES 9 compatibility package compat-openssl097g received a roll up update fixing various security issues : - Build option no-ssl3 is incomplete. (CVE-2014-3568) - Add support for TLS_FALLBACK_SCSV. (CVE-2014-3566) - Information leak in pretty printing functions. (CVE-2014-3508) - OCSP bad key DoS attack. (CVE-2013-0166) - SSL/TLS CBC plaintext recovery attack. (CVE-2013-0169) - Anonymous ECDH denial of service. (CVE-2014-3470) - SSL/TLS MITM vulnerability (CVE-2014-0224)
    last seen2020-06-05
    modified2014-12-05
    plugin id79738
    published2014-12-05
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79738
    titleSuSE 11.3 Security Update : compat-openssl097g (SAT Patch Number 10033)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1524-1.NASL
    descriptionopenssl was updated to fix four security issues. These security issues were fixed : - SRTP Memory Leak (CVE-2014-3513). - Session Ticket Memory Leak (CVE-2014-3567). - Fixed incomplete no-ssl3 build option (CVE-2014-3568). - Add support for TLS_FALLBACK_SCSV (CVE-2014-3566). NOTE: This update alone DOESN
    last seen2020-06-05
    modified2015-05-20
    plugin id83648
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83648
    titleSUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2014:1524-1) (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-0503-1.NASL
    descriptionThis update fixes 13 security issues. These security issues were fixed : - CVE-2015-0395: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041). - CVE-2015-0400: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Libraries (bnc#914041). - CVE-2015-0383: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed local users to affect integrity and availability via unknown vectors related to Hotspot (bnc#914041). - CVE-2015-0412: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS (bnc#914041). - CVE-2015-0407: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to Swing (bnc#914041). - CVE-2015-0408: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI (bnc#914041). - CVE-2014-6585: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors reelated to 2D, a different vulnerability than CVE-2014-6591 (bnc#914041). - CVE-2014-6587: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries (bnc#914041). - CVE-2014-6591: Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585 (bnc#914041). - CVE-2014-6593: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allowed remote attackers to affect confidentiality and integrity via vectors related to JSSE (bnc#914041). - CVE-2014-6601: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allowed remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot (bnc#914041). - CVE-2015-0410: Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allowed remote attackers to affect availability via unknown vectors related to Security (bnc#914041). - CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, used nondeterministic CBC padding, which made it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the
    last seen2020-06-01
    modified2020-06-02
    plugin id83699
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83699
    titleSUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:0503-1) (POODLE)
  • NASL familyMisc.
    NASL idVCENTER_OPERATIONS_MANAGER_VMSA_2015-0003-VAPP.NASL
    descriptionThe version of VMware vCenter Operations Manager installed on the remote host has a bundled version of the Java JRE prior to version 1.7.0_76-b13 (aka 7.0.760). It is, therefore, affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) Additionally, unspecified vulnerabilities also exist in the following bundled Java components : - 2D (CVE-2014-6585, CVE-2014-6591) - Deployment (CVE-2015-0403, CVE-2015-0406) - Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437) - Installation (CVE-2015-0421) - JAX-WS (CVE-2015-0412) - JSSE (CVE-2014-6593) - Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400) - RMI (CVE-2015-0408) - Security (CVE-2015-0410) - Serviceability (CVE-2015-0413) - Swing (CVE-2015-0407) VMware has released a patch that updates the JRE bundled with the appliance.
    last seen2020-06-01
    modified2020-06-02
    plugin id82706
    published2015-04-10
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82706
    titleVMware vCenter Operations Management vApp JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2486-1.NASL
    descriptionSeveral vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400, CVE-2015-0407) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6593) A vulnerability was discovered in the OpenJDK JRE related to integrity and availability. An attacker could exploit this to cause a denial of service. (CVE-2015-0383) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could this exploit to cause a denial of service. (CVE-2015-0410). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id81043
    published2015-01-28
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81043
    titleUbuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2486-1) (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SERVER_3_2_2.NASL
    descriptionThe remote Mac OS X 10.9 host has a version of OS X Server installed that is prior to version 3.2.2. It is, therefore, affected by an information disclosure vulnerability. An error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id78600
    published2014-10-21
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78600
    titleMac OS X : OS X Server < 3.2.2 SSLv3 Information Disclosure (POODLE)
  • NASL familyCISCO
    NASL idCISCO-SA-20141015-POODLE-WLC.NASL
    descriptionThe remote Cisco Wireless LAN Controller (WLC) is affected by an information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id79690
    published2014-12-03
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79690
    titleCisco Wireless LAN Controllers 5500 Series (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_PURE-FTPD-141120.NASL
    descriptionpure-ftpd was updated to fix one security issue and two non-security bugs : - SSLv2 and SSLv3 have been disabled to avoid the attack named POODLE. (CVE-2014-3566, bnc#902229) - Added the disable_ascii option. (bnc#828469) - Fixed wait on TLS handshake. (bnc#856424)
    last seen2020-06-05
    modified2014-12-05
    plugin id79739
    published2014-12-05
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79739
    titleSuSE 11.3 Security Update : pure-ftpd (SAT Patch Number 10004)
  • NASL familyAIX Local Security Checks
    NASL idAIX_OPENSSL_ADVISORY11.NASL
    descriptionThe version of OpenSSL installed on the remote host is affected by the following vulnerabilities : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. (CVE-2014-3513) - A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - An error exists related to session ticket handling that can allow denial of service attacks via memory leaks. (CVE-2014-3567)
    last seen2020-06-01
    modified2020-06-02
    plugin id78772
    published2014-10-31
    reporterThis script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78772
    titleAIX OpenSSL Advisory : openssl_advisory11.asc (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_JAVA_OCT2014_ADVISORY.NASL
    descriptionThe version of Java SDK installed on the remote host is affected by the following vulnerabilities : - A privilege escalation vulnerability in the IBM Java SDK allows a local attacker to inject arbitrary code into the shared classes cache due to a flaw in the default configuration for the shared classes feature. Other users are able to execute the injected code, which can allow the attacker to gain elevated privileges. (CVE-2014-3065) - Oracle Java contains the flaw related to SSLv3 CBC-mode ciphers known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - Vulnerabilities in Oracle Java allow remote code execution via flaws in the Deployment subcomponent. (CVE-2014-4288, CVE-2014-6492, CVE-2014-6493, CVE-2014-6503, CVE-2014-6532) - A session hijacking vulnerability exists in Oracle Java due to a flaw related to handling of server certificate changes during SSL/TLS renegotiation. This allows an attacker to intercept communication between a client and server to hijack a mutually authenticated session. (CVE-2014-6457) - Privilege escalation vulnerabilities exist in Oracle Java within the the Deployment subcomponent. (CVE-2014-6458, CVE-2014-6466) - Data integrity vulnerabilities exist in Oracle Java within the the Deployment subcomponent. (CVE-2014-6476, CVE-2014-6515, CVE-2014-6527) - A privilege escalation vulnerability exists in Oracle Java in the resource bundle handling code of the
    last seen2020-06-01
    modified2020-06-02
    plugin id79626
    published2014-11-28
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79626
    titleAIX Java Advisory : java_oct2014_advisory.asc (POODLE)
  • NASL familyMisc.
    NASL idORACLE_JAVA_CPU_JAN_2015_UNIX.NASL
    descriptionThe version of Oracle Java SE or Java for Business installed on the remote host is prior to 8 Update 31, 7 Update 75, 6 Update 91, or 5 Update 81. It is, therefore, affected by security vulnerabilities in the following components : - 2D - Deployment - Hotspot - Install - JAX-WS - JSSE - Libraries - RMI - Security - Serviceability - Swing
    last seen2020-06-01
    modified2020-06-02
    plugin id80907
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80907
    titleOracle Java SE Multiple Vulnerabilities (January 2015 CPU) (Unix) (POODLE)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-0067.NASL
    descriptionFrom Red Hat Security Advisory 2015:0067 : Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the-middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) Note: This update disables SSL 3.0 by default to address this issue. The jdk.tls.disabledAlgorithms security property can be used to re-enable SSL 3.0 support if needed. For additional information, refer to the Red Hat Bugzilla bug linked to in the References section. It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id80899
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80899
    titleOracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2015-0067) (POODLE)
  • NASL familyMisc.
    NASL idCUPS_2_0_1.NASL
    descriptionAccording to its banner, the CUPS printer service installed on the remote host is a version prior to 2.0.1. It is, therefore, potentially affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id79580
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79580
    titleCUPS < 2.0.1 SSLv3 Legacy Encryption Vulnerability (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73316.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84265
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84265
    titleAIX 7.1 TL 3 : nettcp (IV73316) (POODLE)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2014-0041.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - xend: disable sslv3 due to (CVE-2014-3566) - Keep the maxmem and memory same in vm.cfg Singed-off-by: Annie Li
    last seen2020-06-01
    modified2020-06-02
    plugin id79556
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79556
    titleOracleVM 3.2 : xen (OVMSA-2014-0041) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-17576.NASL
    description - Synced with native openssl-1.0.1j-3.fc22\r\n* Add support for RFC 5649\r\n* Prevent compiler warning
    last seen2020-03-17
    modified2015-01-02
    plugin id80319
    published2015-01-02
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80319
    titleFedora 21 : mingw-openssl-1.0.1j-1.fc21 (2014-17576) (POODLE)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3053.NASL
    descriptionSeveral vulnerabilities have been found in OpenSSL, the Secure Sockets Layer library and toolkit. - CVE-2014-3513 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. - CVE-2014-3566 (
    last seen2020-03-17
    modified2014-10-17
    plugin id78520
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78520
    titleDebian DSA-3053-1 : openssl - security update (POODLE)
  • NASL familyFirewalls
    NASL idCHECK_POINT_GAIA_SK103683.NASL
    descriptionThe remote host is running a version of Gaia Operating System that is potentially affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. As long as a client and service both support SSLv3, a connection can be
    last seen2020-06-01
    modified2020-06-02
    plugin id105084
    published2017-12-07
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/105084
    titleCheck Point Gaia Operating System SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (sk103683) (POODLE)
  • NASL familyWindows
    NASL idORACLE_JROCKIT_CPU_JAN_2015.NASL
    descriptionThe remote host has a version of Oracle JRockit that is affected by multiple vulnerabilities in the following components : - Hotspot - JSSE - Security Note that CVE-2014-3566 is an error related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the
    last seen2020-06-01
    modified2020-06-02
    plugin id80890
    published2015-01-21
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80890
    titleOracle JRockit R27.8.4 / R28.3.4 Multiple Vulnerabilities (January 2015 CPU) (POODLE)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-203.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in openssl : OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade. Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566). When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack (CVE-2014-3567). The updated packages have been upgraded to the 1.0.0o version where these security flaws has been fixed.
    last seen2020-06-01
    modified2020-06-02
    plugin id78665
    published2014-10-24
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78665
    titleMandriva Linux Security Advisory : openssl (MDVSA-2014:203)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2396-1.NASL
    descriptionThis update provides apache2-mod_nss 1.0.14, which brings several fixes and enhancements : - Fix OpenSSL ciphers stopped parsing at +. (CVE-2016-3099) - Created valgrind suppression files to ease debugging. - Implement SSL_PPTYPE_FILTER to call executables to get the key password pins. - Improvements to migrate.pl. - Update default ciphers to something more modern and secure. - Check for host and netstat commands in gencert before trying to use them. - Add server support for DHE ciphers. - Extract SAN from server/client certificates into env - Fix memory leaks and other coding issues caught by clang analyzer. - Add support for Server Name Indication (SNI). - Add support for SNI for reverse proxy connections. - Add RenegBufferSize? option. - Add support for TLS Session Tickets (RFC 5077). - Fix logical AND support in OpenSSL cipher compatibility. - Correctly handle disabled ciphers. (CVE-2015-5244) - Implement a slew more OpenSSL cipher macros. - Fix a number of illegal memory accesses and memory leaks. - Support for SHA384 ciphers if they are available in NSS. - Add compatibility for mod_ssl-style cipher definitions. - Add TLSv1.2-specific ciphers. - Completely remove support for SSLv2. - Add support for sqlite NSS databases. - Compare subject CN and VS hostname during server start up. - Add support for enabling TLS v1.2. - Don
    last seen2020-06-01
    modified2020-06-02
    plugin id93767
    published2016-09-28
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93767
    titleSUSE SLES12 Security Update : apache2-mod_nss (SUSE-SU-2016:2396-1) (POODLE)
  • NASL familyWeb Servers
    NASL idWEBSPHERE_7_0_0_37.NASL
    descriptionThe IBM WebSphere Application Server running on the remote host is version 7.0 prior to Fix Pack 37. It is, therefore, affected by the following vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566 / PI27101) - An input validation error exists related to session input using URL rewriting that can allow cross-site scripting attacks. (CVE-2014-6167 / PI23819) - An error exists related to the administrative console that can allow
    last seen2020-06-01
    modified2020-06-02
    plugin id81825
    published2015-03-17
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81825
    titleIBM WebSphere Application Server 7.0 < Fix Pack 37 Multiple Vulnerabilities (POODLE)
  • NASL familyDatabases
    NASL idORACLE_RDBMS_CPU_JUL_2017.NASL
    descriptionThe remote Oracle Database Server is missing the July 2017 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A vulnerability exists, known as SWEET32, in the 3DES and Blowfish algorithms due to the use of weak 64-bit block ciphers by default. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a
    last seen2020-06-02
    modified2017-07-20
    plugin id101836
    published2017-07-20
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101836
    titleOracle Database Multiple Vulnerabilities (July 2017 CPU) (POODLE) (SWEET32)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-1652.NASL
    descriptionUpdated OpenSSL packages that contain a backported patch to mitigate the CVE-2014-3566 issue known as SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE), and fixed two security issues that are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566 and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. (CVE-2014-3513) A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. (CVE-2014-3567) All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to mitigate the CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id78516
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78516
    titleCentOS 6 / 7 : openssl (CESA-2014:1652)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-157.NASL
    descriptionSeveral vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-03-26
    plugin id82140
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82140
    titleDebian DLA-157-1 : openjdk-6 security update (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_JAVA-1_7_0-OPENJDK-150206.NASL
    descriptionjava-1_7_0-openjdk was updated to fix 19 security issues. Details are available at http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.h tml#AppendixJAVA
    last seen2020-06-01
    modified2020-06-02
    plugin id81419
    published2015-02-20
    reporterThis script is Copyright (C) 2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81419
    titleSuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 10286)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150126_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL
    descriptionA flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) All running instances of OpenJDK Java must be restarted for the update to take effect.
    last seen2020-03-18
    modified2015-01-27
    plugin id81015
    published2015-01-27
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81015
    titleScientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20150126) (POODLE)
  • NASL familyMisc.
    NASL idXEROX_XRX15AD_COLORQUBE.NASL
    descriptionAccording to its model number and software version, the remote Xerox ColorQube device is affected by multiple OpenSSL vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites which can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204) - A heap-based buffer overflow condition exists in the GNU C Library (glibc) due to improper validation of user-supplied input to the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. This vulnerability is known as GHOST. (CVE-2015-0235)
    last seen2020-06-01
    modified2020-06-02
    plugin id87322
    published2015-12-11
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87322
    titleXerox ColorQube 92XX Multiple OpenSSL Vulnerabilities (XRX15AD) (FREAK) (GHOST) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-12951.NASL
    descriptionUpdate fixing three moderate security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-11-03
    plugin id78799
    published2014-11-03
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78799
    titleFedora 21 : openssl-1.0.1j-1.fc21 (2014-12951) (POODLE)
  • NASL familyWeb Servers
    NASL idAPACHE_TRAFFIC_SERVER_511.NASL
    descriptionAccording to its banner, the version of Apache Traffic Server running on the remote host is 5.1.x prior to 5.1.1. It is, therefore, affected by the following vulnerabilities : - A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A flaw exists in the remap logic which may allow an open relay to be enabled. (CVE-2014-3624) Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id80918
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80918
    titleApache Traffic Server 5.1.x < 5.1.1 Multiple Vulnerabilities (POODLE)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-647.NASL
    descriptionlibserf was updated to disable SSLv2 and SSLv3. &#9; libserf was updated to version 1.3.8 on openSUSE 13.1 and 13.2. This release also fixes a problem with handling very large gzip-encoded HTTP responses. For openSUSE 12.3 libserf 1.1.1 was patched to disable SSLv2 and SSLv3.
    last seen2020-06-05
    modified2014-11-13
    plugin id79222
    published2014-11-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79222
    titleopenSUSE Security Update : libserf (openSUSE-SU-2014:1395-1) (POODLE)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13647.NASL
    descriptionNew features : - Send list of compliance reasons on dbus - Added client-side support for --matches on the list command. Security : - 1153375: Support TLSv1.2 and v1.1 by default. (CVE-2014-3566) Bug fixes : - 1120772: Don
    last seen2020-03-17
    modified2014-11-11
    plugin id79088
    published2014-11-11
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79088
    titleFedora 21 : python-rhsm-1.13.6-1.fc21 / subscription-manager-1.13.6-1.fc21 (2014-13647)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-13781.NASL
    descriptionNew features : - Send list of compliance reasons on dbus - Added client-side support for --matches on the list command. Security : - 1153375: Support TLSv1.2 and v1.1 by default. (CVE-2014-3566) Bug fixes : - 1120772: Don
    last seen2020-03-17
    modified2014-11-07
    plugin id78904
    published2014-11-07
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78904
    titleFedora 20 : python-rhsm-1.13.6-1.fc20 / subscription-manager-1.13.6-1.fc20 (2014-13781)
  • NASL familyGeneral
    NASL idSSL_POODLE.NASL
    descriptionThe remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. As long as a client and service both support SSLv3, a connection can be
    last seen2020-06-01
    modified2020-06-02
    plugin id78479
    published2014-10-15
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78479
    titleSSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-062.NASL
    descriptionMultiple vulnerabilities has been discovered and corrected in openssl : Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment (CVE-2010-5298). The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack (CVE-2014-0076). The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug (CVE-2014-0160). The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment (CVE-2014-0195). The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition (CVE-2014-0198). The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake (CVE-2014-0221). OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the CCS Injection vulnerability (CVE-2014-0224). The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value (CVE-2014-3470). Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message (CVE-2014-3513). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the POODLE issue (CVE-2014-3566). Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure (CVE-2014-3567). The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix (CVE-2014-3569). The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, related to crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and crypto/bn/bn_asm.c (CVE-2014-3570). OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c (CVE-2014-3571). The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message (CVE-2014-3572). OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate
    last seen2020-06-01
    modified2020-06-02
    plugin id82315
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82315
    titleMandriva Linux Security Advisory : openssl (MDVSA-2015:062)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_XCODE_7_0.NASL
    descriptionThe version of Apple Xcode installed on the remote Mac OS X host is prior to 7.0. It is, therefore, affected by the multiple vulnerabilities : - A memory leak issue exists in file d1_srtp.c related to the DTLS SRTP extension handling and specially crafted handshake messages. An attacker can exploit this to cause denial of service condition. (CVE-2014-3513) - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) - A memory leak issue exists in file t1_lib.c related to session ticket handling. An attacker can exploit this to cause denial of service condition. (CVE-2014-3567) - An error exists related to the build configuration process and the
    last seen2020-05-06
    modified2015-10-02
    plugin id86245
    published2015-10-02
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86245
    titleApple Xcode < 7.0 (Mac OS X) (POODLE)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_03532A19D68E11E6917114DAE9D210B8.NASL
    descriptionOracle reports : Lynx is vulnerable to POODLE by still supporting vulnerable version of SSL. Lynx is also vulnerable to URL attacks by incorrectly parsing hostnames ending with an
    last seen2020-06-01
    modified2020-06-02
    plugin id96363
    published2017-01-10
    reporterThis script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/96363
    titleFreeBSD : lynx -- multiple vulnerabilities (03532a19-d68e-11e6-9171-14dae9d210b8) (POODLE)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2014-005.NASL
    descriptionThe remote host is running a version of Mac OS X 10.8 or 10.9 that does not have Security Update 2014-005 applied. This update contains several security-related fixes for the following issues : - A command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via environment variable manipulation depending on the configuration of the system. (CVE-2014-6271, CVE-2014-7169) - A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566) Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id78551
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/78551
    titleMac OS X Multiple Vulnerabilities (Security Update 2014-005) (POODLE) (Shellshock)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1882.NASL
    descriptionUpdated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. [Updated 2 December 2014] This advisory has been updated to include updated java-1.7.0-ibm-jdbc and java-1.7.0-ibm-plugin packages, which were previously missing from this erratum. No changes were made to the other packages in this erratum. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558) The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security. Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed. Note: This is the last update for the java-1.7.0-ibm packages distributed via the Red Hat Enterprise Linux 6 Supplementary channels. The RHEA-2014:1619 advisory, released as a part of Red Hat Enterprise Linux 6.6, introduced the new java-1.7.1-ibm packages. These packages contain IBM Java SE version 7 Release 1, which adds multiple enhancements over the IBM Java SE version 7 in the java-1.7.0-ibm packages. All java-1.7.0-ibm users must migrate to java-1.7.1-ibm packages to continue receiving updates for the IBM Java SE version 7 via the Red Hat Enterprise Linux 6 Supplementary channel. All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR8 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79379
    published2014-11-21
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79379
    titleRHEL 6 : java-1.7.0-ibm (RHSA-2014:1882) (POODLE)
  • NASL familyWindows
    NASL idORACLE_JAVA_CPU_JAN_2015.NASL
    descriptionThe version of Oracle Java SE or Java for Business installed on the remote host is prior to 8 Update 31, 7 Update 75, 6 Update 91, or 5 Update 81. It is, therefore, affected by security vulnerabilities in the following components : - 2D - Deployment - Hotspot - Install - JAX-WS - JSSE - Libraries - RMI - Security - Serviceability - Swing
    last seen2020-06-01
    modified2020-06-02
    plugin id80908
    published2015-01-22
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80908
    titleOracle Java SE Multiple Vulnerabilities (January 2015 CPU) (POODLE)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201507-14.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201507-14 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Oracle JRE/JDK. Please review the CVE identifiers referenced below for details. Impact : An context-dependent attacker may be able to influence the confidentiality, integrity, and availability of Java applications/runtime. Workaround : There is no workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id84719
    published2015-07-14
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84719
    titleGLSA-201507-14 : Oracle JRE/JDK: Multiple vulnerabilities (POODLE)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-1653.NASL
    descriptionUpdated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 All OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.
    last seen2020-06-01
    modified2020-06-02
    plugin id78533
    published2014-10-17
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78533
    titleRHEL 5 : openssl (RHSA-2014:1653) (POODLE)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-282.NASL
    descriptionThis update allows to disable SSLv3 in lighttpd in order to protect against the POODLE attack. SSLv3 is now disabled by default and can be reenabled (if needed) using the ssl.use-sslv3 option. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2015-07-27
    plugin id84991
    published2015-07-27
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84991
    titleDebian DLA-282-1 : lighttpd security update (POODLE)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-1948.NASL
    descriptionFrom Red Hat Security Advisory 2014:1948 : Updated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 The nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2.3, which provides a number of bug fixes and enhancements over the previous version, and adds the support for Mozilla Firefox 31.3. (BZ#1158159, BZ#1165003, BZ#1165525) Users of nss, nss-util, and nss-softokn are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue, fix these bugs, and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id79681
    published2014-12-03
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79681
    titleOracle Linux 5 / 6 / 7 : nss / nss-softokn / nss-util (ELSA-2014-1948) (POODLE)
  • NASL familyWeb Servers
    NASL idTOMCAT_7_0_57.NASL
    descriptionAccording to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.57. It is, therefore, affected by the following vulnerabilities : - A memory double-free error exists in
    last seen2020-06-01
    modified2020-06-02
    plugin id81650
    published2015-03-05
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81650
    titleApache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2014-0039.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - add support for fallback SCSV to partially mitigate (CVE-2014-3566) (padding attack on SSL3) - fix CVE-2014-0221 - recursion in DTLS code leading to DoS - fix CVE-2014-3505 - doublefree in DTLS packet processing - fix CVE-2014-3506 - avoid memory exhaustion in DTLS - fix CVE-2014-3508 - fix OID handling to avoid information leak - fix CVE-2014-3510 - fix DoS in anonymous (EC)DH handling in DTLS - fix for CVE-2014-0224 - SSL/TLS MITM vulnerability - replace expired GlobalSign Root CA certificate in ca-bundle.crt
    last seen2020-06-01
    modified2020-06-02
    plugin id79554
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79554
    titleOracleVM 3.2 : openssl (OVMSA-2014-0039) (POODLE)
  • NASL familyAIX Local Security Checks
    NASL idAIX_IV73319.NASL
    descriptionA man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
    last seen2020-06-01
    modified2020-06-02
    plugin id84266
    published2015-06-19
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84266
    titleAIX 7.1 TL 2 : nettcp (IV73319) (POODLE)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/132254/poodle-poc.txt
idPACKETSTORM:132254
last seen2016-12-05
published2015-06-10
reporterBruno Luiz
sourcehttps://packetstormsecurity.com/files/132254/This-POODLE-Bites-Exploiting-The-SSL-3.0-Fallback.html
titleThis POODLE Bites: Exploiting The SSL 3.0 Fallback

Redhat

advisories
  • rhsa
    idRHSA-2014:1652
  • rhsa
    idRHSA-2014:1653
  • rhsa
    idRHSA-2014:1692
  • rhsa
    idRHSA-2014:1876
  • rhsa
    idRHSA-2014:1877
  • rhsa
    idRHSA-2014:1880
  • rhsa
    idRHSA-2014:1881
  • rhsa
    idRHSA-2014:1882
  • rhsa
    idRHSA-2014:1920
  • rhsa
    idRHSA-2014:1948
  • rhsa
    idRHSA-2015:0068
  • rhsa
    idRHSA-2015:0079
  • rhsa
    idRHSA-2015:0080
  • rhsa
    idRHSA-2015:0085
  • rhsa
    idRHSA-2015:0086
  • rhsa
    idRHSA-2015:0264
  • rhsa
    idRHSA-2015:0698
  • rhsa
    idRHSA-2015:1545
  • rhsa
    idRHSA-2015:1546
rpms
  • candlepin-0:0.9.23.1-1.el6
  • candlepin-0:0.9.23.1-1.el7
  • candlepin-selinux-0:0.9.23.1-1.el6
  • candlepin-selinux-0:0.9.23.1-1.el7
  • candlepin-tomcat-0:0.9.23.1-1.el7
  • candlepin-tomcat6-0:0.9.23.1-1.el6
  • foreman-0:1.6.0.49-1.el6sat
  • foreman-0:1.6.0.49-1.el7sat
  • foreman-compute-0:1.6.0.49-1.el6sat
  • foreman-compute-0:1.6.0.49-1.el7sat
  • foreman-gce-0:1.6.0.49-1.el6sat
  • foreman-gce-0:1.6.0.49-1.el7sat
  • foreman-libvirt-0:1.6.0.49-1.el6sat
  • foreman-libvirt-0:1.6.0.49-1.el7sat
  • foreman-ovirt-0:1.6.0.49-1.el6sat
  • foreman-ovirt-0:1.6.0.49-1.el7sat
  • foreman-postgresql-0:1.6.0.49-1.el6sat
  • foreman-postgresql-0:1.6.0.49-1.el7sat
  • foreman-vmware-0:1.6.0.49-1.el6sat
  • foreman-vmware-0:1.6.0.49-1.el7sat
  • katello-agent-0:1.5.3-6.el6sat
  • katello-agent-0:1.5.3-6.el7sat
  • pulp-admin-client-0:2.4.3-1.el6sat
  • pulp-admin-client-0:2.4.3-1.el7sat
  • pulp-nodes-child-0:2.4.3-0.1.beta.el6sat
  • pulp-nodes-child-0:2.4.3-0.1.beta.el7sat
  • pulp-nodes-common-0:2.4.3-0.1.beta.el6sat
  • pulp-nodes-common-0:2.4.3-0.1.beta.el7sat
  • pulp-nodes-parent-0:2.4.3-0.1.beta.el6sat
  • pulp-nodes-parent-0:2.4.3-0.1.beta.el7sat
  • pulp-puppet-admin-extensions-0:2.4.3-1.el6sat
  • pulp-puppet-admin-extensions-0:2.4.3-1.el7sat
  • pulp-puppet-plugins-0:2.4.3-1.el6sat
  • pulp-puppet-plugins-0:2.4.3-1.el7sat
  • pulp-puppet-tools-0:2.4.3-1.el6sat
  • pulp-puppet-tools-0:2.4.3-1.el7sat
  • pulp-rpm-admin-extensions-0:2.4.3-1.el6sat
  • pulp-rpm-admin-extensions-0:2.4.3-1.el7sat
  • pulp-rpm-handlers-0:2.4.3-1.el6sat
  • pulp-rpm-handlers-0:2.4.3-1.el7sat
  • pulp-rpm-plugins-0:2.4.3-1.el6sat
  • pulp-rpm-plugins-0:2.4.3-1.el7sat
  • pulp-selinux-0:2.4.3-1.el6sat
  • pulp-selinux-0:2.4.3-1.el7sat
  • pulp-server-0:2.4.3-1.el6sat
  • pulp-server-0:2.4.3-1.el7sat
  • python-pulp-agent-lib-0:2.4.3-1.el6sat
  • python-pulp-agent-lib-0:2.4.3-1.el7sat
  • python-pulp-bindings-0:2.4.3-1.el6sat
  • python-pulp-bindings-0:2.4.3-1.el7sat
  • python-pulp-client-lib-0:2.4.3-1.el6sat
  • python-pulp-client-lib-0:2.4.3-1.el7sat
  • python-pulp-common-0:2.4.3-1.el6sat
  • python-pulp-common-0:2.4.3-1.el7sat
  • python-pulp-puppet-common-0:2.4.3-1.el6sat
  • python-pulp-puppet-common-0:2.4.3-1.el7sat
  • python-pulp-rpm-common-0:2.4.3-1.el6sat
  • python-pulp-rpm-common-0:2.4.3-1.el7sat
  • ruby193-rubygem-katello-0:1.5.0-93.el6sat
  • ruby193-rubygem-katello-0:1.5.0-93.el7sat
  • rubygem-apipie-bindings-0:0.0.8-2.el6sat
  • rubygem-apipie-bindings-0:0.0.8-2.el7sat
  • rubygem-hammer_cli_import-0:0.10.4-1.3.el6sat
  • rubygem-hammer_cli_import-0:0.10.4-1.3.el7sat
  • java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-demo-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-devel-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-jdbc-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-plugin-1:1.7.0.8.0-1jpp.1.el5
  • java-1.7.0-ibm-src-1:1.7.0.8.0-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-accessibility-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-demo-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-demo-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-devel-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-devel-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-javacomm-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-javacomm-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-jdbc-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-jdbc-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-plugin-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-plugin-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.6.0-ibm-src-1:1.6.0.16.2-1jpp.1.el5
  • java-1.6.0-ibm-src-1:1.6.0.16.2-1jpp.1.el6_6
  • java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0
  • java-1.7.1-ibm-demo-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-demo-1:1.7.1.2.0-1jpp.3.el7_0
  • java-1.7.1-ibm-devel-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-devel-1:1.7.1.2.0-1jpp.3.el7_0
  • java-1.7.1-ibm-jdbc-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-jdbc-1:1.7.1.2.0-1jpp.3.el7_0
  • java-1.7.1-ibm-plugin-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-plugin-1:1.7.1.2.0-1jpp.3.el7_0
  • java-1.7.1-ibm-src-1:1.7.1.2.0-1jpp.3.el6_6
  • java-1.7.1-ibm-src-1:1.7.1.2.0-1jpp.3.el7_0
  • java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-accessibility-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-demo-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-demo-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-devel-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-devel-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-plugin-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-plugin-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.5.0-ibm-src-1:1.5.0.16.8-1jpp.1.el5
  • java-1.5.0-ibm-src-1:1.5.0.16.8-1jpp.1.el6_6
  • java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-demo-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-devel-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-jdbc-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-plugin-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-ibm-src-1:1.7.0.8.0-1jpp.1.el6_6
  • java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-accessibility-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-demo-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-demo-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-devel-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-devel-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-headless-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-javadoc-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-javadoc-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-src-1:1.7.0.75-2.5.4.0.el6_6
  • java-1.7.0-openjdk-src-1:1.7.0.75-2.5.4.2.el7_0
  • java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-debuginfo-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-demo-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-devel-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-javadoc-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.7.0-openjdk-src-1:1.7.0.75-2.5.4.0.el5_11
  • java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-debuginfo-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-demo-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-devel-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-headless-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-javadoc-1:1.8.0.31-1.b13.el6_6
  • java-1.8.0-openjdk-src-1:1.8.0.31-1.b13.el6_6
  • java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11
  • java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7
  • java-1.7.0-oracle-devel-1:1.7.0.75-1jpp.1.el5_11
  • java-1.7.0-oracle-devel-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-devel-1:1.7.0.75-1jpp.2.el7
  • java-1.7.0-oracle-javafx-1:1.7.0.75-1jpp.1.el5_11
  • java-1.7.0-oracle-javafx-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-javafx-1:1.7.0.75-1jpp.2.el7
  • java-1.7.0-oracle-jdbc-1:1.7.0.75-1jpp.1.el5_11
  • java-1.7.0-oracle-jdbc-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-jdbc-1:1.7.0.75-1jpp.2.el7
  • java-1.7.0-oracle-plugin-1:1.7.0.75-1jpp.1.el5_11
  • java-1.7.0-oracle-plugin-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-plugin-1:1.7.0.75-1jpp.2.el7
  • java-1.7.0-oracle-src-1:1.7.0.75-1jpp.1.el5_11
  • java-1.7.0-oracle-src-1:1.7.0.75-1jpp.1.el6
  • java-1.7.0-oracle-src-1:1.7.0.75-1jpp.2.el7
  • java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-devel-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-javafx-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-jdbc-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-plugin-1:1.8.0.31-1jpp.1.el6
  • java-1.8.0-oracle-src-1:1.8.0.31-1jpp.1.el6
  • java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-debuginfo-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-demo-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-demo-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-demo-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-devel-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-devel-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-devel-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-javadoc-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-javadoc-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-javadoc-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-openjdk-src-1:1.6.0.34-1.13.6.1.el5_11
  • java-1.6.0-openjdk-src-1:1.6.0.34-1.13.6.1.el6_6
  • java-1.6.0-openjdk-src-1:1.6.0.34-1.13.6.1.el7_0
  • java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11
  • java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7
  • java-1.6.0-sun-demo-1:1.6.0.91-1jpp.1.el5_11
  • java-1.6.0-sun-demo-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-demo-1:1.6.0.91-1jpp.1.el7
  • java-1.6.0-sun-devel-1:1.6.0.91-1jpp.1.el5_11
  • java-1.6.0-sun-devel-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-devel-1:1.6.0.91-1jpp.1.el7
  • java-1.6.0-sun-jdbc-1:1.6.0.91-1jpp.1.el5_11
  • java-1.6.0-sun-jdbc-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-jdbc-1:1.6.0.91-1jpp.1.el7
  • java-1.6.0-sun-plugin-1:1.6.0.91-1jpp.1.el5_11
  • java-1.6.0-sun-plugin-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-plugin-1:1.6.0.91-1jpp.1.el7
  • java-1.6.0-sun-src-1:1.6.0.91-1jpp.1.el5_11
  • java-1.6.0-sun-src-1:1.6.0.91-1jpp.1.el6
  • java-1.6.0-sun-src-1:1.6.0.91-1jpp.1.el7
  • java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6
  • java-1.6.0-ibm-devel-1:1.6.0.16.3-1jpp.1.el5
  • java-1.6.0-ibm-devel-1:1.6.0.16.3-1jpp.1.el6
  • openshift-origin-node-proxy-0:1.22.3.4-1.el6op
  • openshift-origin-node-proxy-0:1.16.4.2-1.el6op

Seebug

bulletinFamilyexploit
description# SSL 3.0 POODLE attack information disclosure Vulnerability(CVE-2014-3566) * Release date: 2014-10-14 * Update date: 2014-10-16 ### Affected system: * Netscape ssl 3.0 * Netscape tls ### Not affected system: * Netscape tls 1.2 * Netscape tls 1.1 * Netscape tls 1.0 ## Description: CVE(CAN) ID: CVE-2014-3566 SSL3. 0 is an obsolete and insecure Protocol, has now been TLS 1.0, TLS 1.1, TLS 1.2 alternative, because of compatibility reasons, most TLS implementations remain compatible with SSL3. To 0. For commonality considerations, currently most browsers version support SSL3. 0, TLS Protocol handshake phase contains a version negotiation step, in General, the client and server to the latest version of the Protocol will be used. Its in the server side of the handshake phase for version negotiation, first offer its support agreement to the latest version, if the handshake fails, then try with the older version of the Protocol negotiation. Be able to implement man in the middle attacks the attacker by making the affected versions of the browser and the server using newer Protocol negotiation failed connection, you can successfully achieve a downgrade attack, so that the client and the server using the insecure SSL3. 0 communicate, in this case, since the SSL 3.0 use of CBC block encryption implementation vulnerability exists, an attacker can successfully crack the SSL connections encrypt the information, such as access to user cookie data. This attack is called POODL attack(Padding Oracle On Downgraded Legacy Encryption) is. This vulnerability affected the vast majority of SSL server and client, the impact of a wide range. But the attacker as to the use of successful, need to be able to control the client and server between the data(perform a MiTM attack). How to fix POODLE SSLv3 security vulnerability (CVE-2014-3566) http://www.linuxidc.com/Linux/2014-10/108103.htm ## Recommendations Temporary workaround: If you can not immediately install patches or upgrades, NSFOCUS recommend that you take the following measures to reduce the threat: * Disable the SSL 3.0 Protocol. The current popular browsers, only IE 6.0 still does not support TLS 1.0, disable SSL 3.0 Protocol will affect IE 6 clients SSL access. ## The service end of the Disable method: ### Apache 2. x In the mod_ssl configuration file use the following command to disable SSLv2 and SSLv3 with: SSLProtocol All-SSLv2-SSLv3 Restart Apache ### Nginx In the configuration file to use: ssl_protocols TLSv1 TLSv1. 1 TLSv1. 2; Restart Nginx ### IIS Find the following registry key: HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols This registry key usually contains the following sub-items: * PCT 1.0 * SSL 2.0 * SSL 3.0 * TLS 1.0 Each of the registry entries are reserved for in the Protocol-related information. Can be on the server, disable these protocols in any one. To do this, the Protocol SSL 3.0, the server subkey create a new DWORD Value. The DWORD value is set to“00 00 00 00”it. ## Browser disable method: IE: "Tools" -&gt; "Internet Options" -&gt; "Advanced", uncheck"use SSL 3.0"check box. Chrome: Copy a usually open Chrome browser shortcuts, the new shortcut on right-click, Go into properties, In the"target"behind the spaces in the end of the field, enter the following command --ssl-version-min=tls1 FireFox: In the address bar enter"about:config", and then the security. tls. version. min adjusted to 1. ### Reference: * https://www.openssl.org/~bodo/ssl-poodle. pdf * http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html * https://technet.microsoft.com/en-us/library/security/3009008
idSSV:92692
last seen2017-11-19
modified2017-02-17
published2017-02-17
reporterjanes
titleSSL 3.0 POODLE(CVE-2014-3566)

References