-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2015.0072
A number of vulnerabilities have been identified in Tenable SecurityCenter
                               22 July 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Tenable SecurityCenter
Operating System:     Linux variants
                      VMware ESX Server
                      Network Appliance
Impact/Access:        Unauthorised Access -- Remote/Unauthenticated
                      Reduced Security    -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2015-1793
Member content until: Friday, August 21 2015

OVERVIEW

        A number of vulnerabilities have been identified in Tenable 
        SecurityCenter prior to version 5.0.0.1. [1, 2]


IMPACT

        The vendor has provided the following details regarding these 
        issues:
        
        CVE-2015-1793: "SecurityCenter is potentially impacted by a 
        vulnerability in OpenSSL that was recently disclosed and fixed. Note
        that due to the time involved in doing a full analysis of the issue,
        Tenable has opted to patch the included version of OpenSSL as a 
        precaution, and to save time.
        
        OpenSSL crypto/x509/x509_vfy.c X509_verify_cert() Function 
        Alternative Certificate Chain Handling Certificate Validation Bypass
        
        OpenSSL contains a flaw in the X509_verify_cert() function in 
        crypto/x509/x509_vfy.c that is triggered when locating alternate 
        certificate chains in cases where the first attempt to build such a
        chain fails. This may allow a remote attacker to cause certain 
        certificate checks to be bypassed, leading to an invalid presented 
        certificate being considered as valid." [1]
        
        "SecurityCenter is potentially impacted by a vulnerability in PHP 
        that was recently disclosed and fixed. Note that due to the time 
        involved in doing a full analysis of the issue, Tenable has opted to
        patch the included version of PHP as a precaution, and to save time.
        
        PHP escapeshellcmd() / escapeshellarg() ! Character Handling 
        Unspecified Issue
        
        PHP contains a flaw in the escapeshellcmd() and escapeshellarg() 
        functions. The issue is triggered as the ! character is not properly
        handled. This may allow an attacker to e.g. substitute environment 
        variables and have an unspecified impact." [2]
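
        The following is an added example; it is not code from Tenable, from
        PHP or from this bulletin. It shows the defence-in-depth pattern that
        keeps application code safe from the escapeshellcmd()/escapeshellarg()
        issue quoted above regardless of how a particular PHP build treats the
        '!' character: reject anything outside a strict allowlist before
        escaping, and on PHP 7.4 or later pass the arguments as an array so
        that no shell parses them at all. The 'gzip -k' command, the function
        names and the sample file names are assumptions made for illustration.

```php
<?php
// Added example, not code from Tenable, PHP or this bulletin. Defence in depth
// for PHP code that must hand user-controlled values to a command: allowlist
// first, escape second, and avoid the shell entirely where the runtime allows.

/**
 * Return $value unchanged if it matches a strict allowlist for a file-name-like
 * argument, otherwise throw. Every character allowed here is inert to both sh
 * and cmd.exe, so a '!' (the character this bulletin is about) never reaches
 * escapeshellarg() in the first place.
 */
function assertSafeArgument($value)
{
    if (!is_string($value) || !preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,254}\z/', $value)) {
        throw new InvalidArgumentException('argument rejected by allowlist: ' . var_export($value, true));
    }
    return $value;
}

/**
 * Classic string-built command line. escapeshellarg() still runs, but only on
 * input that has already passed the allowlist, so a defect in its escaping
 * rules cannot be reached. 'gzip -k' is a placeholder command for illustration.
 */
function buildCompressCommand($fileName)
{
    return 'gzip -k ' . escapeshellarg(assertSafeArgument($fileName));
}

/**
 * Preferred on PHP >= 7.4: proc_open() accepts argv as an array and executes
 * the program directly, so no shell ever parses the arguments and the
 * escapeshell*() functions are not involved at all.
 */
function runCompressWithoutShell($fileName)
{
    $argv = array('gzip', '-k', assertSafeArgument($fileName));
    $spec = array(1 => array('pipe', 'w'), 2 => array('pipe', 'w'));
    $proc = proc_open($argv, $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start gzip');
    }
    $stdout = stream_get_contents($pipes[1]);
    $stderr = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    return array('status' => proc_close($proc), 'stdout' => $stdout, 'stderr' => $stderr);
}

// Constructed sample inputs: the first is accepted; the other two are refused
// by the allowlist before any escaping or shell invocation takes place.
foreach (array('scan-2015-07-22.nessus', 'scan!2015.nessus', 'scan 2015.nessus') as $name) {
    try {
        echo buildCompressCommand($name), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo $e->getMessage(), PHP_EOL;
    }
}
```

        The array form of proc_open() only exists from PHP 7.4 onwards; on the
        PHP 5.4 builds this bulletin concerns, only the string-built path is
        available, which is exactly why the allowlist check should sit in front
        of escapeshellarg() rather than relying on the escaper alone.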


MITIGATION

        It is recommended that users upgrade to the latest version of Tenable
        SecurityCenter to correct these issues. [1, 2]


REFERENCES

        [1] [R1] OpenSSL 'secadv_20150709' Vulnerability Affects Tenable
            SecurityCenter
            http://www.tenable.com/security/tns-2015-08

        [2] [R1] PHP < 5.4.43 Vulnerability Affects Tenable SecurityCenter
            http://www.tenable.com/security/tns-2015-09

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----