Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2016.0030
A vulnerability has been identified in Tenable Appliance 4.0.0
15 March 2016
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Tenable Appliance
Operating System: Network Appliance
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2015-7547
Member content until: Thursday, April 14 2016
Reference: ESB-2016.0422
ESB-2016.0417
ESB-2016.0406
ESB-2016.0394
ESB-2016.0387
ESB-2016.0419.2
OVERVIEW
A vulnerability has been identified in Tenable Appliance 4.0.0. [1]
IMPACT
The vendor has provided the following details regarding this issue:
CVE-2015-7547: "The Tenable Appliance is built on a Linux
distribution that utilizes the GNU C Library (glibc). A
vulnerability was recently reported impacting glibc, which may
impact the Appliance. According to the researchers, glibc contains
an overflow condition in the send_dg() and send_vc() functions in
libresolv resolv/res_send.c where input is not properly validated
when looking up domain names via the getaddrinfo() call. This may
allow a remote attacker to cause a stack-based buffer overflow,
resulting in a denial of service or potentially allowing the
execution of arbitrary code." [1]
MITIGATION
The vendor has stated that updates will be available through the
Tenable online repositories:
"A glibc update is available via the online repositories, which are
checked every night by the appliance. When the update is found a
notification will appear in the administrative interface. Appliance
administrators will need to direct the system to apply the updates
so as not to interfere with scanning activities." [1]
REFERENCES
[1] [R1] GNU C Library (glibc) Vulnerability Affects Tenable Appliance
http://www.tenable.com/security/tns-2016-05
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVudjx36ZAP0PgtI9AQKsZg//QHSJCcqdBAo7+s8lVj6J7lq8xJFGVQFs
15mwM/3uodG0/o7ZES98sMyro/7AZMm0krVTL0Y7g23ySt2fSiH1nxQMOwYU5Oek
yL+rZf/ngIxGLVv9a3DTQ6nGUp6Oyc1P1I+Xri5i+xy0FOpI2+9LieAjUPkVdd2C
N967B4Uu81fxBSl/z9h4Oo45yrOxS/zFbgjn/5E1bHD+9mFKwSxvSWfZM/6b2gNI
D51FOvlNdchen8CacXxDC1Pl2chJJXGJ/YdSPftz5Ym4mB2CDJWM8Z3ZU3F5RyI9
ZsarvwgsInQ2TihKBAxuZMONMRaSW4COFKnzwPnBUAhyEwRNcAUxaKo4t6opkoUd
4YP2dD2zp3fiTPcVQyiziJe0hien+yvaZOGtK21gTvrJg8OBOd8HukYm+OQtbmUA
nHhOLXvPODMa0iV+In0YmB0uTzBKOFGgOQWmb380XC3+LsnKKpotQuPElK0pYOS5
439zwmJyOWgCVtJHghS1a9C5HEYh29M3sy2rCWIBNWt0q/f1SZ4QUZdikIcmojBO
mqToyX5Ubalp6h+j1v2pEDFGlLd8Xy3r8DaeyQb6N6KQG2p54akQgw9PG9OqBWTd
oHGPioZgV+QqY2Gc+KF1qVvOGYWOkSD/eZhlAaypD2Yu1GMc54P1v96ZIr8nARqS
u+SPZkSWd+o=
=nSTa
-----END PGP SIGNATURE-----