Xerox WorkCentre 77XX Multiple Vulnerabilities (XRX15R) (FREAK) (GHOST)

critical Nessus Plugin ID 87327

Synopsis

The remote multi-function device is affected by multiple vulnerabilities.

Description

According to its model number and software version, the remote Xerox WorkCentre 77XX device is affected by multiple vulnerabilities:

- A security feature bypass vulnerability, known as FREAK (Factoring attack on RSA-EXPORT Keys), exists due to the support of weak EXPORT_RSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may be able to downgrade the SSL/TLS connection to use EXPORT_RSA cipher suites, whose keys can be factored in a short amount of time, allowing the attacker to intercept and decrypt the traffic. (CVE-2015-0204)

- A heap-based buffer overflow condition exists in the GNU C Library (glibc) due to improper validation of user-supplied input to the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. This vulnerability is known as GHOST. (CVE-2015-0235)

Solution

Apply the appropriate cumulative update as described in the Xerox security bulletin in the referenced URL.

See Also

http://www.nessus.org/u?94c70bf4

https://www.smacktls.com/#freak

http://www.nessus.org/u?c7a6ddbd

Plugin Details

Severity: Critical

ID: 87327

File Name: xerox_xrx15r.nasl

Version: 1.4

Type: remote

Family: Misc.

Published: 12/11/2015

Updated: 11/20/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2015-0235

Vulnerability Information

CPE: cpe:/h:xerox:workcentre

Required KB Items: www/xerox_workcentre, www/xerox_workcentre/model, www/xerox_workcentre/ssw

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/19/2015

Vulnerability Publication Date: 1/6/2015

Exploitable With

Core Impact

Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)

Reference Information

CVE: CVE-2015-0204, CVE-2015-0235

BID: 71936, 72325

CERT: 243585, 967332