MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass (2785220) (uncredentialed check)

medium Nessus Plugin ID 63643

Synopsis

The remote host is affected by a security feature bypass vulnerability.

Description

The remote host has a flaw in its handling of the SSL version 3 (SSLv3) and Transport Layer Security (TLS) protocols. An attacker who injects specially crafted content into an SSL/TLS session could bypass security features of the SSLv3 and TLS protocols in order to intercept communications.

Note that this plugin only tests Microsoft IIS HTTPS and TLS-capable FTP servers, which are known to use MS13-006 update files. Other SSL/TLS implementations may also be affected. To test all SSL/TLS services Nessus finds, set the 'Report paranoia' preference to 'Paranoid (more false alarms)'.

Solution

Microsoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, and 2012.

For other SSL/TLS implementations, contact the vendor for updates.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2013/ms13-006

Plugin Details

Severity: Medium

ID: 63643

File Name: ms13-006_ssl.nbin

Version: 1.210

Type: remote

Agent: windows

Family: Windows

Published: 1/22/2013

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.8

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Exploit Ease: No known exploits are available

Patch Publication Date: 1/8/2013

Vulnerability Publication Date: 1/8/2013

Reference Information

CVE: CVE-2013-0013

BID: 57144

IAVB: 2013-B-0003

MSFT: MS13-006

MSKB: 2785220