
Vulnerability Assessment Review - Final Report

Review Date:- 23-06-2018 to 06-08-2018


Report Date:- 06-08-2018

Details: This sheet contains all the in-scope IP addresses

Vulnerability Count

| Sr.No. | IP address | Critical | High | Medium | Low |
|---|---|---|---|---|---|
| 1 | 10.xx.xx.xx | 0 | 2 | 7 | 3 |

| Vulnerability Severity Distribution | Count |
|---|---|
| Critical | 0 |
| High | 2 |
| Medium | 7 |
| Low | 3 |

[Chart: Vulnerability Severity Distribution (Critical, High, Medium, Low)]


| Plugin ID | CVE | CVSS | Risk | Host | Protocol | Port | Name |
|---|---|---|---|---|---|---|---|
| 20007 | | | High | 10.xx.xx.xx | tcp | 5989 | SSL Version 2 and 3 Protocol Detection |
| 104743 | | | High | 10.xx.xx.xx | tcp | 5666 | TLS Version 1.0 Protocol Detection |
| 26928 | | 4.3 | Medium | 10.xx.xx.xx | tcp | 5666 | SSL Weak Cipher Suites Supported |
| 35291 | CVE-2004-2761 | 5 | Medium | 10.xx.xx.xx | tcp | 5989 | SSL Certificate Signed Using Weak Hashing Algorithm |
| 42873 | | 5 | Medium | 10.xx.xx.xx | tcp | 5666 | SSL Medium Strength Cipher Suites Supported |
| 51192 | | 6.4 | Medium | 10.xx.xx.xx | tcp | 5989 | SSL Certificate Cannot Be Trusted |
| 57582 | | 6.4 | Medium | 10.xx.xx.xx | tcp | 5989 | SSL Self-Signed Certificate |
| 62565 | CVE-2012-4929 | 4.3 | Medium | 10.xx.xx.xx | tcp | 5989 | Transport Layer Security (TLS) Protocol CRIME Vulnerability |
| 97861 | | 5 | Medium | 10.xx.xx.xx | udp | 123 | Network Time Protocol (NTP) Mode 6 Scanner |
| 31705 | CVE-2007-1858 | 2.6 | Low | 10.xx.xx.xx | tcp | 5666 | SSL Anonymous Cipher Suites Supported |
| 65821 | CVE-2013-2566 | 2.6 | Low | 10.xx.xx.xx | tcp | 5666 | SSL RC4 Cipher Suites Supported (Bar Mitzvah) |
| 83738 | CVE-2015-4000 | 2.6 | Low | 10.xx.xx.xx | tcp | 5666 | SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam) |
Synopsis and Description

Plugin 20007 (SSL Version 2 and 3 Protocol Detection)

Synopsis: The remote service encrypts traffic using a protocol with known weaknesses.

Description:

- An insecure padding scheme with CBC ciphers.

- Insecure session renegotiation and resumption schemes.

An attacker can exploit these flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected service and clients.

Although SSL/TLS has a secure means for choosing the highest supported version of the protocol (so that these versions will be used only if the client or server support nothing better), many web browsers implement this in an unsafe way that allows an attacker to downgrade a connection (such as in POODLE). Therefore, it is recommended that these protocols be disabled entirely.

NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC's definition of 'strong cryptography'.

Plugin 104743 (TLS Version 1.0 Protocol Detection)

Synopsis: The remote service encrypts traffic using an older version of TLS.

Description: The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a number of cryptographic design flaws. Modern implementations of TLS 1.0 mitigate these problems, but newer versions of TLS like 1.1 and 1.2 are designed against these flaws and should be used whenever possible.

PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30, 2018, except for POS POI terminals (and the SSL/TLS termination points to which they connect) that can be verified as not being susceptible to any known exploits.

Plugin 26928 (SSL Weak Cipher Suites Supported)

Synopsis: The remote service supports the use of weak SSL ciphers.

Description: The remote host supports the use of SSL ciphers that offer weak encryption.

Note: This is considerably easier to exploit if the attacker is on the same physical network.

Plugin 35291 (SSL Certificate Signed Using Weak Hashing Algorithm)

Synopsis: An SSL certificate in the certificate chain has been signed using a weak hash algorithm.

Description: The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.

Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google's gradual sunsetting of the SHA-1 cryptographic hash algorithm.

Note that certificates in the chain that are contained in the Nessus CA database (known_CA.inc) have been ignored.

Plugin 42873 (SSL Medium Strength Cipher Suites Supported)

Synopsis: The remote service supports the use of medium strength SSL ciphers.

Description: The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network.

Plugin 51192 (SSL Certificate Cannot Be Trusted)

Synopsis: The SSL certificate for this service cannot be trusted.

Description: The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :

- First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority.

- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates.

- Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize.

If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and

Plugin 57582 (SSL Self-Signed Certificate)

Synopsis: The SSL certificate chain for this service ends in an unrecognized self-signed certificate.

Description: The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.

Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.

Plugin 62565 (Transport Layer Security (TLS) Protocol CRIME Vulnerability)

Synopsis: The remote service has a configuration that may make it vulnerable to the CRIME attack.

Description: The remote service has one of two configurations that are known to be required for the CRIME attack :

- SSL / TLS compression is enabled.

- TLS advertises the SPDY protocol earlier than version 4.

Note that Nessus did not attempt to launch the CRIME attack against the remote service.

Plugin 97861 (Network Time Protocol (NTP) Mode 6 Scanner)

Synopsis: The remote NTP server responds to mode 6 queries.

Description: The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query, to cause a reflected denial of service condition.

Plugin 31705 (SSL Anonymous Cipher Suites Supported)

Synopsis: The remote service supports the use of anonymous SSL ciphers.

Description: The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack.

Note: This is considerably easier to exploit if the attacker is on the same physical network.

Plugin 65821 (SSL RC4 Cipher Suites Supported (Bar Mitzvah))

Synopsis: The remote service supports the use of the RC4 cipher.

Description: The remote host supports the use of RC4 in one or more cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness.

If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, the attacker may be able to derive the plaintext.

Plugin 83738 (SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam))

Synopsis: The remote host supports a set of weak ciphers.

Description: The remote host supports EXPORT_DHE cipher suites with keys less than or equal to 512 bits. Through cryptanalysis, a third party can find the shared secret in a short amount of time.

A man-in-the middle attacker may be able to downgrade the session to use EXPORT_DHE cipher suites. Thus, it is recommended to remove support for weak cipher suites.
Solution and See Also

Plugin 20007 (SSL Version 2 and 3 Protocol Detection)

Solution: Consult the application's documentation to disable SSL 2.0 and 3.0. Use TLS 1.1 (with approved cipher suites) or higher instead.

See Also:
- https://www.schneier.com/academic/paperfiles/paper-ssl.pdf
- http://www.nessus.org/u?0bb7b67d
- http://www.nessus.org/u?247c4540
- https://www.openssl.org/~bodo/ssl-poodle.pdf
- http://www.nessus.org/u?5d15ba70
- https://www.imperialviolet.org/2014/10/14/poodle.html
- https://tools.ietf.org/html/rfc7507
- https://tools.ietf.org/html/rfc7568

Plugin 104743 (TLS Version 1.0 Protocol Detection)

Solution: Enable support for TLS 1.1 and 1.2, and disable support for TLS 1.0.

Plugin 26928 (SSL Weak Cipher Suites Supported)

Solution: Reconfigure the affected application, if possible to avoid the use of weak ciphers.

See Also:
- http://www.nessus.org/u?6527892d

Plugin 35291 (SSL Certificate Signed Using Weak Hashing Algorithm)

Solution: Contact the Certificate Authority to have the certificate reissued.

See Also:
- https://tools.ietf.org/html/rfc3279
- http://www.nessus.org/u?e120eea1
- http://technet.microsoft.com/en-us/security/advisory/961509

Plugin 42873 (SSL Medium Strength Cipher Suites Supported)

Solution: Reconfigure the affected application if possible to avoid use of medium strength ciphers.

See Also:
- https://www.openssl.org/blog/blog/2016/08/24/sweet32/

Plugin 51192 (SSL Certificate Cannot Be Trusted)

Solution: Purchase or generate a proper certificate for this service.

See Also:
- http://www.itu.int/rec/T-REC-X.509/en
- https://en.wikipedia.org/wiki/X.509

Plugin 57582 (SSL Self-Signed Certificate)

Solution: Purchase or generate a proper certificate for this service.

Plugin 62565 (Transport Layer Security (TLS) Protocol CRIME Vulnerability)

Solution: Disable compression and / or the SPDY service.

See Also:
- http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091
- https://discussions.nessus.org/thread/5546
- http://www.nessus.org/u?8ec18eb5
- https://issues.apache.org/bugzilla/show_bug.cgi?id=53219

Plugin 97861 (Network Time Protocol (NTP) Mode 6 Scanner)

Solution: Restrict NTP mode 6 queries.

See Also:
- https://ntpscan.shadowserver.org

Plugin 31705 (SSL Anonymous Cipher Suites Supported)

Solution: Reconfigure the affected application if possible to avoid use of weak ciphers.

See Also:
- http://www.nessus.org/u?3a040ada

Plugin 65821 (SSL RC4 Cipher Suites Supported (Bar Mitzvah))

Solution: Reconfigure the affected application, if possible, to avoid use of RC4 ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser and web server support.

See Also:
- http://www.nessus.org/u?217a3666
- http://cr.yp.to/talks/2013.03.12/slides.pdf
- http://www.isg.rhul.ac.uk/tls/
- http://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf

Plugin 83738 (SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam))

Solution: Reconfigure the service to remove support for EXPORT_DHE cipher suites.

See Also:
- https://weakdh.org/
Plugin Output

Plugin 20007 (SSL Version 2 and 3 Protocol Detection)

- SSLv3 is enabled and the server supports at least one cipher.

Plugin 104743 (TLS Version 1.0 Protocol Detection)

TLSv1 is enabled and the server supports at least one cipher.

Plugin 26928 (SSL Weak Cipher Suites Supported)

Here is the list of weak SSL ciphers supported by the remote server :

  Low Strength Ciphers (<= 64-bit key)

    EXP-ADH-DES-CBC-SHA   Kx=DH(512)   Au=None   Enc=DES-CBC(40)   Mac=SHA1   export
    EXP-ADH-RC4-MD5       Kx=DH(512)   Au=None   Enc=RC4(40)       Mac=MD5    export
    ADH-DES-CBC-SHA       Kx=DH        Au=None   Enc=DES-CBC(56)   Mac=SHA1

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

Plugin 35291 (SSL Certificate Signed Using Weak Hashing Algorithm)

The following certificates were part of the certificate chain sent by
the remote host, but contain hashes that are considered to be weak.

|-Subject             : C=US/ST=California/L=Palo Alto/O=Hewlett-Packard Company/OU=Hewlett-Packard Network Management Software/CN=dcrrbdb2
|-Signature Algorithm : SHA-1 With RSA Encryption
|-Valid From          : May 20 23:48:03 2017 GMT
|-Valid To            : May 18 23:48:03 2027 GMT

Plugin 42873 (SSL Medium Strength Cipher Suites Supported)

Here is the list of medium strength SSL ciphers supported by the remote server :

  Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

    ADH-DES-CBC3-SHA      Kx=DH        Au=None   Enc=3DES-CBC(168) Mac=SHA1

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

Plugin 51192 (SSL Certificate Cannot Be Trusted)

The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :

|-Subject : C=US/ST=California/L=Palo Alto/O=Hewlett-Packard Company/OU=Hewlett-Packard Network Management Software/CN=dcrrbdb2
|-Issuer  : C=US/ST=California/L=Palo Alto/O=Hewlett-Packard Company/OU=Hewlett-Packard Network Management Software/CN=dcrrbdb2

Plugin 57582 (SSL Self-Signed Certificate)

The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :

|-Subject : C=US/ST=California/L=Palo Alto/O=Hewlett-Packard Company/OU=Hewlett-Packard Network Management Software/CN=dcrrbdb2

Plugin 62565 (Transport Layer Security (TLS) Protocol CRIME Vulnerability)

The following configuration indicates that the remote service
may be vulnerable to the CRIME attack :

- SSL / TLS compression is enabled.

Plugin 97861 (Network Time Protocol (NTP) Mode 6 Scanner)

Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :

'system="UNIX/HPUX", leap=0, stratum=4, rootdelay=239.46,
rootdispersion=69.29, peer=42228, refid=10.1.23.31,
reftime=0xdf3a1d58.dab6c000, poll=10,
clock=0xdf3a1f3a.d939c000,
phase=6.027, freq=-3712.20, error=11.12'

Plugin 31705 (SSL Anonymous Cipher Suites Supported)

The following is a list of SSL anonymous ciphers supported by the
remote server :

  Low Strength Ciphers (<= 64-bit key)

    EXP-ADH-DES-CBC-SHA   Kx=DH(512)   Au=None   Enc=DES-CBC(40)   Mac=SHA1   export
    EXP-ADH-RC4-MD5       Kx=DH(512)   Au=None   Enc=RC4(40)       Mac=MD5    export
    ADH-DES-CBC-SHA       Kx=DH        Au=None   Enc=DES-CBC(56)   Mac=SHA1

  Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)

    ADH-DES-CBC3-SHA      Kx=DH        Au=None   Enc=3DES-CBC(168) Mac=SHA1

  High Strength Ciphers (>= 112-bit key)

    ADH-AES128-SHA        Kx=DH        Au=None   Enc=AES-CBC(128)  Mac=SHA1
    ADH-AES256-SHA        Kx=DH        Au=None   Enc=AES-CBC(256)  Mac=SHA1
    ADH-RC4-MD5           Kx=DH        Au=None   Enc=RC4(128)      Mac=MD5

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

Plugin 65821 (SSL RC4 Cipher Suites Supported (Bar Mitzvah))

List of RC4 cipher suites supported by the remote server :

  Low Strength Ciphers (<= 64-bit key)

    EXP-ADH-RC4-MD5       Kx=DH(512)   Au=None   Enc=RC4(40)       Mac=MD5    export

  High Strength Ciphers (>= 112-bit key)

    ADH-RC4-MD5           Kx=DH        Au=None   Enc=RC4(128)      Mac=MD5

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}

Plugin 83738 (SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam))

EXPORT_DHE cipher suites supported by the remote server :

  Low Strength Ciphers (<= 64-bit key)

    EXP-ADH-DES-CBC-SHA   Kx=DH(512)   Au=None   Enc=DES-CBC(40)   Mac=SHA1   export
    EXP-ADH-RC4-MD5       Kx=DH(512)   Au=None   Enc=RC4(40)       Mac=MD5    export

The fields above are :

  {OpenSSL ciphername}
  Kx={key exchange}
  Au={authentication}
  Enc={symmetric encryption method}
  Mac={message authentication code}
  {export flag}
