Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2017.0034 [R2] Nessus 6.10.5 Fixes Two Vulnerabilities 13 April 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Tenable Nessus Operating System: FreeBSD Windows Linux variants OS X Impact/Access: Root Compromise -- Existing Account Increased Privileges -- Existing Account Denial of Service -- Existing Account Resolution: Patch/Upgrade Member content until: Saturday, May 13 2017 Reference: http://www.tenable.com/security/tns-2017-10 OVERVIEW Multiple vulnerability have been identified in Tenable Nessus prior to version 6.10.5. [1] IMPACT The vendor has provided the following details regarding the vulnerabilities: "Nessus was found to be vulnerable to a local privilege escalation issue and a local denial of service condition due to insecure permissions when running in Agent Mode. This may allow an attacker to gain administrative privileges on the system hosting a Nessus agent. Note that these are very similar too, but different than the Agent issue fixed in version 6.10.4. A local privilege escalation exists due to insecure permissions. CVSSv2 7.2 / 5.6 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C). Tracked internally as NES-6137. A local denial of service condition exists due to insecure permissions that would stop the agent from conducting scans. CVSSv2 2.1 / 1.7 (AV:L/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C)." [1] MITIGATION Tenable advises users should upgrade to the latest version of Tenable Nessus to address these issues: "Tenable has released Nessus version 6.10.5 that corresponds to the supported operating systems and architectures. To update your Nessus installation, follow these steps: Download the appropriate installation file to the system hosting Nessus Professional or Nessus Manager, available at the Tenable Support Portal (https://support.tenable.com/support-center/index.php?x=&mod_id=200) Stop the Nessus service. Install according to your operating system procedures. Restart the Nessus service. Note that only agents are impacted by the local privilege escalation issue, not scanners. If Nessus Manager is updated then auto updates will be deployed to the agents as well. If the agent is on Tenable.io then all of the agents will receive the updates." [1] REFERENCES [1] [R2] Nessus 6.10.5 Fixes Two Vulnerabilities http://www.tenable.com/security/tns-2017-10 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWO626Ix+lLeg9Ub1AQgUwQ/9GMCYwJ0I2l1D0aXAJyw0OyOr4v+5H9+d cVq8GJG3chKJZ5ZGsRMmCcuVT1EBjdGzbgmCVJ2iLF5ForN8ocCd2oAuxyqkSWbG 36x8xLPv9sq4uo3f5SElRrdZwg1ZUgBB5ch1Z6EPzoOahJlO+BY+jtkSms1ex9uy VWz6OhnWZiSUNQmEwKiajJn3KSlH3SXF/8OGVJqqRd50i1sDlrlx2dqtTT47iGbM 7jy5Pd4NisiQv3Jzb0zHaT//28FOzD8eEehYf1YDPdJKizS/VPzO6rCwj5rsFj2f Ux9Bs/ckWTUesyKXKrzBQfAah5CJDiMBuVI45bhSQgxd3/7JBz/CLZbHRhubAxdr MgR2Fh733hdCo/qAUsOnJTopAZCRY374TNiqcxQk+0C2ZWCWx2Ls3ZTkjDZeBrJ7 JEpdMAXrdNfXp68KMWU9AiP0W1hBXzqXyQ5bZitRwKLzoTyIOkh4K6/7rYGIM7j2 wYynuL8d9T+9t5j6w0unJsVVlzPTCejOyO3K5gY6XarCzTs3KBN44xU0MCw2+BCZ QwrBWBq6eYAcSjBc1GhTumpJizrCaH+H6IizsVwKnsTFWAxKO8gW6fyocM4FeDxZ xBgyiRQiMDfK4128Mr2VFpIW98F1nhqvJqnU9gewTiuXwMU/vexVFyueyMQmhDgu 3RA8lcd8Bg0= =2blh -----END PGP SIGNATURE-----