Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2017.0021 Multiple vulnerabilities identified in Tenable Appliance 9 March 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Tenable Appliance Operating System: Network Appliance Impact/Access: Root Compromise -- Existing Account Modify Arbitrary Files -- Existing Account Denial of Service -- Existing Account Unauthorised Access -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2017-6543 CVE-2017-6074 CVE-2017-3732 CVE-2017-3731 CVE-2016-1000104 CVE-2016-1000102 CVE-2016-10167 CVE-2016-10161 CVE-2016-10160 CVE-2016-10159 CVE-2016-10158 CVE-2016-9594 CVE-2016-8743 CVE-2016-8740 CVE-2016-7055 CVE-2016-5387 CVE-2016-2161 CVE-2016-0736 Member content until: Saturday, April 8 2017 Reference: ESB-2017.0574 ESB-2017.0554 ESB-2017.0522 OVERVIEW Multiple vulnerabilities have been identified in Tenable Appliance prior to version 4.5.0. [1] IMPACT Tenable has provided the following details regarding the vulnerabilities: "The Tenable Appliance has recently been discovered to contain several vulnerabilities. One exists in the underlying operating system kernel, two in the Appliance web interface, and multiple issues in bundled applications. Since the Appliance ships with other Tenable products, please consult the associated advisories linked below for more details." [1] CVE-2017-6074: "Linux Kernel net/dccp/input.c dccp_rcv_state_process() Function DCCP_PKT_REQUEST Handling Use-after-free Remote Code Execution (VulnDB 152302 / CVE-2017-6074)" [1, 2] Tenable Appliance Web UI Unauthorized Admin Password Manipulation (VulnDB 153134) Tenable Appliance Web UI Unauthenticated Remote Command Execution (VulnDB 153135) CVE-2017-6543: "Tenable Nessus on Windows Unspecified Remote File Upload (TNS-2017-06)" [1, 3] Tenable SecurityCenter File Upload PHP Object Deserialization Remote File Deletion (TNS-2017-05)[1, 4] CVE-2016-0736, CVE-2016-2161, CVE-2016-5387, CVE-2016-7055, CVE-2016-8740, CVE-2016-8743, CVE-2016-9594, CVE-2016-10158, CVE-2016-10160, CVE-2016-10161, CVE-2016-10159, CVE-2016-10167, CVE-2016-1000102, CVE-2016-1000104, CVE-2017-3731, CVE-2017-3732: "Tenable SecurityCenter Multiple Vulnerabilities (TNS-2017-04)" [1, 5] MITIGATION Tenable strongly encourages users to update to the latest version to address these vulnerabilities. [1] REFERENCES [1] [R1] Tenable Appliance 4.5.0 Fixes Multiple Vulnerabilities https://www.tenable.com/security/tns-2017-07 [2] Vulnerability Summary for CVE-2017-6543 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6543 [3] [R3] Nessus 6.10.2 Fixes One Vulnerability https://www.tenable.com/security/tns-2017-06 [4] [R4] SecurityCenter 5.4.4 Fixes File Upload unserialize() Function PHP Object Handling Remote File Deletion https://www.tenable.com/security/tns-2017-05 [5] [R5] SecurityCenter 5.4.3 Fixes Multiple Vulnerabilities https://www.tenable.com/security/tns-2017-04 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWMC5dYx+lLeg9Ub1AQhVHQ//bN9mOtlhrvV7oswsulWsZrpgwC6zqKKg MM+YoKYLxewOH5m+hqM2yi8smcGyKssRp803U6lLpeB6GFWMl48bLL3tRQelf4ei NyeNo+/9FYesFbakQea305624mjRPVTL9icUyaleYSvYP1wunC4QzfKNQLvrPzjd 9b6SaO5QG6EzZ6EKXQYSAzWS4D+6KISVWIUZ96Cj8DjF13ZsY3k93bjB994PCfPj ErotGuTnlvKXtDWJ6xSvGD1oOK4i3iaUyQkR2ivM43s+NPW+g7P7y+L/tEklycBD DBEE2liL6ylTDzHeV8ON8INqXhQ7ZPfOSA5R6diQTwRWjKfL/t70K2jbtgyMa6bj 36OagwxWqX3qhp6/WvzZO48wEKltjaHjdoCtbDOWebeDqQ8nenM2zrVcQEFOIulq a3LH6oe5mF34eBjaRV5Mb7d4GTErGCIGGOGHwTNfVJaTErzjkJQuZD8CiY9Tq+vh L13DPtiuOjrGV1y0AnYFsruT4/F5mkGpRIouewO7A9cpJMAIBDHzT80ChrT3gjgn ThQ+Dg0ml40LCXcRLTUxDH7yR1H7DqSiBwXw87iIxWZM1iEgJXsQlVfXaKBqiVkj 9S1leQnXKhZVOc26aF0lSy5SFDpqKFdnWzTS4lJIe2qX8Y0ZPRpS+fJfqXTSIpmM 6BAlCFLi3W0= =AFAu -----END PGP SIGNATURE-----