Hello,
I have 2 vulnerabilitiy issues detected on port "ldap (636/tcp)" and "unknow (11712/tcp)" on my vCenter 6 update 2 server =>
=========
1) "www (636/tcp)":
OpenSSL AES-NI Padding Oracle MitM Information Disclosure
Synopsis :
It was possible to obtain sensitive information from the remote host with TLS-enabled services.
Description :
The remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability due to an error in the implementation of ciphersuites that use AES in CBC mode with HMAC-SHA1 or HMAC-SHA256.
The implementation is specially written to use the AES acceleration available in x86/amd64 processors (AES-NI). The error messages returned by the server allow allow a man-in-the-middle attacker to conduct a padding oracle attack, resulting in the ability to decrypt network traffic.
See also :
https://blog.filippo.io/luckyminus20/
http://www.nessus.org/u?37b909b6
https://www.openssl.org/news/secadv/20160503.txt
Solution :
Upgrade to OpenSSL version 1.0.1t / 1.0.2h or later.
Plugin Output :
Nessus was able to trigger a RECORD_OVERFLOW alert in the
remote service by sending a crafted SSL "Finished" message.
CVE :
CVE-2016-2107
BID :
BID 89760
Other References :
OSVDB:137896
EDB-ID:39768
IAVA:2016-A-0113
Nessus Plugin ID : 91572
VulnDB ID: 383666
2) "unknow (11712/tcp)":
OpenSSL AES-NI Padding Oracle MitM Information Disclosure
Synopsis :
It was possible to obtain sensitive information from the remote host with TLS-enabled services.
Description :
The remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability due to an error in the implementation of ciphersuites that use AES in CBC mode with HMAC-SHA1 or HMAC-SHA256.
The implementation is specially written to use the AES acceleration available in x86/amd64 processors (AES-NI). The error messages returned by the server allow allow a man-in-the-middle attacker to conduct a padding oracle attack, resulting in the ability to decrypt network traffic.
See also :
https://blog.filippo.io/luckyminus20/
http://www.nessus.org/u?37b909b6
https://www.openssl.org/news/secadv/20160503.txt
Solution :
Upgrade to OpenSSL version 1.0.1t / 1.0.2h or later.
Plugin Output :
Nessus was able to trigger a RECORD_OVERFLOW alert in the
remote service by sending a crafted SSL "Finished" message.
CVE :
CVE-2016-2107
BID :
BID 89760
Other References :
OSVDB:137896
EDB-ID:39768
IAVA:2016-A-0113
Nessus Plugin ID : 91572
VulnDB ID: 383666
=========
I can't find a fix or a new version, is anyone have an idea?
Maybe, I must waiting the next vcenter update? update 3 ???