Operating System:

[WIN][LINUX][MAC][FreeBSD]

Published:

13 April 2017

Protect yourself against future threats.

//Service

Malicious URL Feed

Add this Australian-based feed to your firewall blacklist and SIEM to prevent compromises to your network.

Read more
Resources > Security Bulletins > ASB-2017.0034 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2017.0034
               [R2] Nessus 6.10.5 Fixes Two Vulnerabilities
                               13 April 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Tenable Nessus
Operating System:     FreeBSD
                      Windows
                      Linux variants
                      OS X
Impact/Access:        Root Compromise      -- Existing Account
                      Increased Privileges -- Existing Account
                      Denial of Service    -- Existing Account
Resolution:           Patch/Upgrade
Member content until: Saturday, May 13 2017
Reference:            http://www.tenable.com/security/tns-2017-10

OVERVIEW

        Multiple vulnerability have been identified in Tenable Nessus prior
        to version 6.10.5. [1]


IMPACT

        The vendor has provided the following details regarding the 
        vulnerabilities:
        
        "Nessus was found to be vulnerable to a local privilege escalation 
        issue and a local denial of service condition due to insecure 
        permissions when running in Agent Mode. This may allow an attacker 
        to gain administrative privileges on the system hosting a Nessus 
        agent. Note that these are very similar too, but different than the
        Agent issue fixed in version 6.10.4.
        
        A local privilege escalation exists due to insecure permissions. 
        CVSSv2 7.2 / 5.6 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C). 
        Tracked internally as NES-6137. A local denial of service condition
        exists due to insecure permissions that would stop the agent from 
        conducting scans. CVSSv2 2.1 / 1.7 
        (AV:L/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C)." [1]


MITIGATION

        Tenable advises users should upgrade to the latest version of 
        Tenable Nessus to address these issues:
        
        "Tenable has released Nessus version 6.10.5 that corresponds to the
        supported operating systems and architectures. To update your Nessus
        installation, follow these steps:
        
        Download the appropriate installation file to the system hosting 
        Nessus Professional or Nessus Manager, available at the Tenable 
        Support Portal 
        (https://support.tenable.com/support-center/index.php?x=&mod_id=200)
        Stop the Nessus service. Install according to your operating system
        procedures. Restart the Nessus service. Note that only agents are 
        impacted by the local privilege escalation issue, not scanners. If 
        Nessus Manager is updated then auto updates will be deployed to the
        agents as well. If the agent is on Tenable.io then all of the agents
        will receive the updates." [1]


REFERENCES

        [1] [R2] Nessus 6.10.5 Fixes Two Vulnerabilities
            http://www.tenable.com/security/tns-2017-10

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWO626Ix+lLeg9Ub1AQgUwQ/9GMCYwJ0I2l1D0aXAJyw0OyOr4v+5H9+d
cVq8GJG3chKJZ5ZGsRMmCcuVT1EBjdGzbgmCVJ2iLF5ForN8ocCd2oAuxyqkSWbG
36x8xLPv9sq4uo3f5SElRrdZwg1ZUgBB5ch1Z6EPzoOahJlO+BY+jtkSms1ex9uy
VWz6OhnWZiSUNQmEwKiajJn3KSlH3SXF/8OGVJqqRd50i1sDlrlx2dqtTT47iGbM
7jy5Pd4NisiQv3Jzb0zHaT//28FOzD8eEehYf1YDPdJKizS/VPzO6rCwj5rsFj2f
Ux9Bs/ckWTUesyKXKrzBQfAah5CJDiMBuVI45bhSQgxd3/7JBz/CLZbHRhubAxdr
MgR2Fh733hdCo/qAUsOnJTopAZCRY374TNiqcxQk+0C2ZWCWx2Ls3ZTkjDZeBrJ7
JEpdMAXrdNfXp68KMWU9AiP0W1hBXzqXyQ5bZitRwKLzoTyIOkh4K6/7rYGIM7j2
wYynuL8d9T+9t5j6w0unJsVVlzPTCejOyO3K5gY6XarCzTs3KBN44xU0MCw2+BCZ
QwrBWBq6eYAcSjBc1GhTumpJizrCaH+H6IizsVwKnsTFWAxKO8gW6fyocM4FeDxZ
xBgyiRQiMDfK4128Mr2VFpIW98F1nhqvJqnU9gewTiuXwMU/vexVFyueyMQmhDgu
3RA8lcd8Bg0=
=2blh
-----END PGP SIGNATURE-----