VID |
26617 |
Severity |
30 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The hotfix (MS12-049, 2655992) for 'Vulnerabilities in TLS Could Allow Information Disclosure' has not been applied. The Transport Layer Security (TLS) Handshake Protocol is responsible for the authentication and key exchange necessary to establish or resume secure sessions. A design flaw in the CBC mode of operation on the TLS protocol can allow encrypted TLS traffic to be decrypted. This vulnerability could allow for the decryption of HTTPS traffic by an unauthorized third party. The update modifies the way that the Windows Secure Channel (SChannel) and the Cryptography API: Next Generation (CNG) components handle encrypted network packets.
* Note: This check requires an account with administrative privileges that can log into the host being scanned. If these conditions are not met, the check will not be performed, resulting in a false negative for all vulnerable hosts.
* References: http://technet.microsoft.com/en-us/security/bulletin/ms12-049
* Platforms Affected: Windows XP SP3, Windows Server 2003 SP2, Windows Server 2003 x64 SP2, Windows Server 2003 for Itanium-based, Windows Vista SP2, Windows Vista x64 SP2, Windows Server 2008 SP2, Windows Server x64 2008 SP2, Windows Server 2008 for Itanium-based, Windows 7 and SP1, Windows 7 x64 and SP2, Windows Server 2008 R2 x64, Windows Server 2008 R2 for Itanium-based |
Recommendation |
Apply the appropriate patch (2655992) for your system, as listed in Microsoft Security Bulletin MS12-049 at http://technet.microsoft.com/en-us/security/bulletin/ms12-049 -- OR -- Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
Related URL |
CVE-2012-1870 (CVE) |
Related URL |
54304 (SecurityFocus) |
Related URL |
(ISS) |
|