Think you have a false positive on this rule?

Sid 1-32205

Message

SERVER-OTHER SSLv3 POODLE CBC padding brute force attempt

Summary

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

Impact

CVSS base score 3.1 CVSS impact score 1.4 CVSS exploitability score 1.6 confidentialityImpact LOW integrityImpact NONE availabilityImpact NONE

CVE-2014-3566:

CVSS base score 3.1

CVSS impact score 1.4

CVSS exploitability score 1.6

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

CVE-2014-3568:

CVSS base score 4.3

CVSS impact score 2.9

CVSS exploitability score 8.6

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Detailed information

CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

CVE-2014-3568: OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23clnt.c and s23srvr.c.

Affected systems

  • openssl openssl 0.9.8
  • openssl openssl 0.9.8a
  • openssl openssl 0.9.8b
  • openssl openssl 0.9.8c
  • openssl openssl 0.9.8d
  • openssl openssl 0.9.8e
  • openssl openssl 0.9.8f
  • openssl openssl 0.9.8g
  • openssl openssl 0.9.8h
  • openssl openssl 0.9.8i
  • openssl openssl 0.9.8j
  • openssl openssl 0.9.8k
  • openssl openssl 0.9.8l
  • openssl openssl 0.9.8m
  • openssl openssl 0.9.8n
  • openssl openssl 0.9.8o
  • openssl openssl 0.9.8p
  • openssl openssl 0.9.8q
  • openssl openssl 0.9.8r
  • openssl openssl 0.9.8s
  • openssl openssl 0.9.8t
  • openssl openssl 0.9.8u
  • openssl openssl 0.9.8v
  • openssl openssl 0.9.8w
  • openssl openssl 0.9.8x
  • openssl openssl 0.9.8y
  • openssl openssl 0.9.8z
  • openssl openssl 0.9.8za
  • openssl openssl 0.9.8zb
  • openssl openssl 1.0.0
  • openssl openssl 1.0.0a
  • openssl openssl 1.0.0b
  • openssl openssl 1.0.0c
  • openssl openssl 1.0.0d
  • openssl openssl 1.0.0e
  • openssl openssl 1.0.0f
  • openssl openssl 1.0.0g
  • openssl openssl 1.0.0h
  • openssl openssl 1.0.0i
  • openssl openssl 1.0.0j
  • openssl openssl 1.0.0k
  • openssl openssl 1.0.0l
  • openssl openssl 1.0.0m
  • openssl openssl 1.0.0n
  • openssl openssl 1.0.1
  • openssl openssl 1.0.1a
  • openssl openssl 1.0.1b
  • openssl openssl 1.0.1c
  • openssl openssl 1.0.1d
  • openssl openssl 1.0.1e
  • openssl openssl 1.0.1f
  • openssl openssl 1.0.1g
  • openssl openssl 1.0.1h
  • openssl openssl 1.0.1i
  • apple macosx 10.10.1
  • debian debian_linux 7.0
  • debian debian_linux 8.0
  • fedoraproject fedora 19
  • fedoraproject fedora 20
  • fedoraproject fedora 21
  • ibm aix 5.3
  • ibm aix 6.1
  • ibm aix 7.1
  • ibm vios 2.2.0.10
  • ibm vios 2.2.0.11
  • ibm vios 2.2.0.12
  • ibm vios 2.2.0.13
  • ibm vios 2.2.1.0
  • ibm vios 2.2.1.1
  • ibm vios 2.2.1.3
  • ibm vios 2.2.1.4
  • ibm vios 2.2.1.5
  • ibm vios 2.2.1.6
  • ibm vios 2.2.1.7
  • ibm vios 2.2.1.8
  • ibm vios 2.2.1.9
  • ibm vios 2.2.2.0
  • ibm vios 2.2.2.1
  • ibm vios 2.2.2.2
  • ibm vios 2.2.2.3
  • ibm vios 2.2.2.4
  • ibm vios 2.2.2.5
  • ibm vios 2.2.3.0
  • ibm vios 2.2.3.1
  • ibm vios 2.2.3.2
  • ibm vios 2.2.3.3
  • ibm vios 2.2.3.4
  • mageia mageia 3.0
  • mageia mageia 4.0
  • netbsd netbsd 5.1
  • netbsd netbsd 5.1.1
  • netbsd netbsd 5.1.2
  • netbsd netbsd 5.1.3
  • netbsd netbsd 5.1.4
  • netbsd netbsd 5.2
  • netbsd netbsd 5.2.1
  • netbsd netbsd 5.2.2
  • netbsd netbsd 6.0
  • netbsd netbsd 6.0.1
  • netbsd netbsd 6.0.2
  • netbsd netbsd 6.0.3
  • netbsd netbsd 6.0.4
  • netbsd netbsd 6.0.5
  • netbsd netbsd 6.0.6
  • netbsd netbsd 6.1
  • netbsd netbsd 6.1.1
  • netbsd netbsd 6.1.2
  • netbsd netbsd 6.1.3
  • netbsd netbsd 6.1.4
  • netbsd netbsd 6.1.5
  • novell opensuse 12.3
  • novell opensuse 13.1
  • novell suselinuxenterprise_desktop 9.0
  • novell suselinuxenterprise_desktop 10.0
  • novell suselinuxenterprise_desktop 11.0
  • novell suselinuxenterprise_desktop 12.0
  • novell suselinuxenterprise_server 11.0
  • novell suselinuxenterprise_server 12.0
  • novell suselinuxenterprisesoftwaredevelopment_kit 11.0
  • novell suselinuxenterprisesoftwaredevelopment_kit 12.0
  • redhat enterprise_linux 5
  • redhat enterpriselinuxdesktop 6.0
  • redhat enterpriselinuxdesktop 7.0
  • redhat enterpriselinuxdesktop_supplementary 5.0
  • redhat enterpriselinuxdesktop_supplementary 6.0
  • redhat enterpriselinuxdesktop_supplementary 76.0
  • redhat enterpriselinuxserver 6.0
  • redhat enterpriselinuxserver 7.0
  • redhat enterpriselinuxserver_supplementary 5.0
  • redhat enterpriselinuxserver_supplementary 6.0
  • redhat enterpriselinuxserver_supplementary 7.0
  • redhat enterpriselinuxworkstation 6.0
  • redhat enterpriselinuxworkstation 7.0
  • redhat enterpriselinuxworkstation_supplementary 6.0
  • redhat enterpriselinuxworkstation_supplementary 7.0

Ease of attack

CVE-2014-3566:

Access Vector

Access Complexity

Authentication

CVE-2014-3568:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References