Detections
Analytics
MS KB3119884: Improperly Issued Digital Certificates Could Allow Spoofing
medium Nessus Plugin ID 87313
Language:
Synopsis
The remote Windows host has an out-of-date SSL certificate blacklist.Description
The remote host is missing KB3119884, KB2677070 (automatic updater), or the latest disallowed certificate update using KB2813430 (manual updater). If KB2677070 has been installed, it has not yet obtained the latest auto-updates.Note that this plugin checks that the updaters have actually updated the disallowed CTL list, not that the KBs listed are installed. This approach was taken since the KB2677070 automatic updater isn't triggered unless software that relies on SSL in the Microsoft Cryptography API is being actively used on the remote host. This plugin can be manually resolved by importing the latest disallowedcert.sst and disallowedcertstl.cab files into the Certificates console.
Solution
Ensure that the Microsoft automatic updater for revoked certificates (KB2677070) is installed and running. Alternatively, install the manual updater (KB2813430).See Also
http://www.nessus.org/u?556013c5
http://www.nessus.org/u?e096ea65
Plugin Details
Severity: Medium
ID: 87313
File Name: smb_kb3119884.nasl
Version: 1.17
Type: local
Agent: windows
Family: Windows
Published: 12/10/2015
Updated: 2/28/2022
Supported Sensors: Nessus Agent, Nessus
Risk Information
CVSS Score Rationale: Reported from vendor
CVSS v2
Risk Factor: Medium
Base Score: 5.8
Temporal Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N
CVSS Score Source: manual
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:microsoft:windows
Required KB Items: SMB/Registry/Enumerated, SMB/WindowsVersion, SMB/ProductName
Patch Publication Date: 11/30/2015
Vulnerability Publication Date: 11/30/2015