AIX 7.1 TL 3 : nettcp (IV73975) (POODLE)

medium Nessus Plugin ID 84274

Synopsis

The remote AIX host is missing a security patch.

Description

A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.

Solution

Install the appropriate interim fix.

See Also

https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc

https://www.imperialviolet.org/2014/10/14/poodle.html

https://www.openssl.org/~bodo/ssl-poodle.pdf

https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Plugin Details

Severity: Medium

ID: 84274

File Name: aix_IV73975.nasl

Version: 2.15

Type: local

Published: 6/19/2015

Updated: 6/26/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/o:ibm:aix:7.1

Required KB Items: Host/AIX/lslpp, Host/local_checks_enabled, Host/AIX/version, Host/AIX/oslevelsp

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/17/2015

Vulnerability Publication Date: 10/14/2014

Reference Information

CVE: CVE-2014-3566

BID: 70574

CERT: 577193