-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                   AUSCERT Security Bulletin ASB-2016.0024
     Multiple vulnerabilities have been identified in Tenable SecurityCenter
                               9 March 2016
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Tenable SecurityCenter
Operating System:     Linux variants
                      Network Appliance
                      Virtualisation
Impact/Access:        Denial of Service        -- Remote/Unauthenticated
                      Access Confidential Data -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2015-8394 CVE-2015-8393 CVE-2015-8391 CVE-2015-8390
                      CVE-2015-8389 CVE-2015-8387 CVE-2015-8386
Member content until: Friday, April 8 2016
Reference:            ESB-2016.0366
                      ESB-2016.0300
                      ESB-2016.0255

OVERVIEW

        Multiple vulnerabilities have been identified in Tenable
        SecurityCenter versions 5.0.2, 5.1.0 and 5.2.0. [1]

IMPACT

        The vendor has provided the following details regarding the
        vulnerabilities:

        "PHP bundles the Perl-Compatible Regular Expressions (PCRE) library
        for RegExp parsing, which SecurityCenter implements." [1]

        "CVE-2015-8386 - PCRE lookbehind Assertion Mutual Recursion Handling
                         Stack Overflow DoS
         CVE-2015-8387 - PCRE RegExp Subroutine Call Handling Integer
                         Overflow DoS
         CVE-2015-8389 - PCRE RegExp Pattern Handling Infinite Recursion DoS
         CVE-2015-8390 - PCRE RegExp Character Class Substring Handling
                         Uninitialized Memory Read DoS
         CVE-2015-8393 - PCRE pcregrep Binary File -q Option Handling
                         Information Disclosure
         CVE-2015-8394 - PCRE RegExp digits Conditions Handling Integer
                         Overflow DoS
         CVE-2015-8391 - PCRE pcre_compile.c pcre_compile() Function RegExp
                         Nesting Handling CPU Consumption DoS" [1]

MITIGATION

        Tenable advises that a patch has been released for SecurityCenter
        which applies PHP 5.6.18 and PCRE 8.38, correcting these issues. [1]

        Tenable also advises that SecurityCenter 5.3.0, due for release,
        will not be vulnerable to these issues. [1]

REFERENCES

        [1] [R1] PHP 5.6.18 / PCRE 8.38 Vulnerabilities Affect Tenable
            SecurityCenter
            https://www.tenable.com/security/tns-2016-04

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision
to follow or act on information or advice contained in this security
bulletin is the responsibility of each user or organisation, and should be
considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVt9+yX6ZAP0PgtI9AQLfww//QpEGaP9DLlSMMHM8ABzjshxxig112Y+d
qAUc/+AkwA+FgrTSKataUFXmwhXb7pghfADIeiomW9X+3gIpCl2J6QtiVaQRSu3i
6yRE37pr+UVfoLsMALXqUAvoehOt41XMoR/WNDyArl/QGW91p3RGWXSyksRR5CTx
YrcInq51flCqJ4Fp7bnPin/RmAwpKNb2HFL2ATmK6VI0ZdHhutNgpqJTt8gaSdHQ
MnEeGETE7Kf78qDFPqf55yJbK8e3WpyCCSUI8Ymm2UVS5Xe/RNLdjHjR8PYNHtT3
JZEb9ZeHAAMasXlS/l0q1rP3zjdU+xfcLTP4tcTWdMOATWn6Oy6eEB9UzMOUcd9a
M4za/vW2Yr/ReVwYNBOZP/Q9ZJFjhtNHL3etgXxA5DELO9JO6MZGuHtZvqlj7id5
sR6vpogbW0h8cUPPryoNCCth/Xo/lK9w5PKUjP52A9O7fIX0YhuHVX1N6kOXH6mD
emCrjUq4A7R8TkaM1tnfIqykrtcBGGwqbRFejbrvrPV6RBLsSJ7kkL0lSkfWdgp0
REuBfMuMR8lNqonw/IoRqmuvvmvjo4uspzIyv9GnijIpll4owR5egaH91yZpZYIc
xp+ZNCFP4+8diUe+ZN5TfaByxwINoyNuWap7w5yvYcmZwrh6lPoP/ITNV9c8LfF9
MysZDFFHPho=
=/fma
-----END PGP SIGNATURE-----
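The mitigation above is verified by confirming that the PHP interpreter SecurityCenter uses now reports PHP 5.6.18 and PCRE 8.38 or later. The script below is an added example, not part of the AusCERT bulletin or of Tenable's advisory. It assumes the bundled interpreter can be invoked as `php` (replace `PHP_BINARY` with the appliance's real path, which the bulletin does not give) and that PHP's built-in `PHP_VERSION` and `PCRE_VERSION` constants are available; the two sample probe outputs are constructed for offline testing. Version strings are compared numerically rather than lexically so that `8.4` is not mistaken for something newer than `8.38`, and trailing build or date suffixes are ignored.

```python
import re
import subprocess
from typing import Optional, Tuple

# Baseline the advisory names as fixed: PHP 5.6.18 carrying PCRE 8.38.
FIXED_PHP = (5, 6, 18)
FIXED_PCRE = (8, 38)

# Assumption: path of the interpreter SecurityCenter uses (placeholder).
PHP_BINARY = "php"
PROBE_SCRIPT = 'echo PHP_VERSION, "|", PCRE_VERSION;'

# Constructed sample outputs of the probe (PCRE_VERSION includes a release date).
SAMPLE_UNPATCHED = "5.6.14|8.37 2015-04-28"
SAMPLE_PATCHED = "5.6.18|8.38 2015-11-23"

_VERSION_RE = re.compile(r"^\s*(\d+(?:\.\d+)*)")


def parse_version(text: str) -> Tuple[int, ...]:
    """Return the leading dotted-numeric part of a version string as ints.
    '8.38 2015-11-23' -> (8, 38); '5.6.18-1+deb8u1' -> (5, 6, 18)."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def at_least(have: Tuple[int, ...], want: Tuple[int, ...]) -> bool:
    """Component-wise comparison; missing trailing components count as 0,
    so (8, 38) satisfies (8, 38) but (8, 4) does not satisfy (8, 38)."""
    width = max(len(have), len(want))
    padded_have = tuple(have) + (0,) * (width - len(have))
    padded_want = tuple(want) + (0,) * (width - len(want))
    return padded_have >= padded_want


def assess(probe_output: str) -> dict:
    """Parse 'PHP_VERSION|PCRE_VERSION' probe output and judge it against
    the fixed baseline. Both components must meet the baseline: a PHP build
    linked against an older system PCRE would still be affected."""
    php_raw, _, pcre_raw = probe_output.strip().partition("|")
    php = parse_version(php_raw)
    pcre = parse_version(pcre_raw)
    php_ok = at_least(php, FIXED_PHP)
    pcre_ok = at_least(pcre, FIXED_PCRE)
    return {
        "php": php,
        "pcre": pcre,
        "php_ok": php_ok,
        "pcre_ok": pcre_ok,
        "patched": php_ok and pcre_ok,
    }


def probe_live(php_binary: str = PHP_BINARY) -> Optional[str]:
    """Run the real interpreter; return its output, or None if it is absent
    or fails, so the caller can distinguish 'not checked' from 'unpatched'."""
    try:
        result = subprocess.run(
            [php_binary, "-r", PROBE_SCRIPT],
            capture_output=True, text=True, timeout=10, check=True,
        )
    except (OSError, subprocess.CalledProcessError, subprocess.TimeoutExpired):
        return None
    return result.stdout


if __name__ == "__main__":
    for label, sample in (("constructed unpatched", SAMPLE_UNPATCHED),
                          ("constructed patched", SAMPLE_PATCHED)):
        print(label, assess(sample))
    live = probe_live()
    if live is None:
        print("live: interpreter not found or probe failed")
    else:
        print("live", assess(live))
```

Run it on the appliance after applying the patch; a result of `patched: True` for the live probe corresponds to the fixed baseline in the bulletin, while `None` from the live probe means the check did not run and should not be read as a pass.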