===========================================================================
             AUSCERT Security Bulletin ASB-2018.0070
  [R1] SecurityCenter 5.6.2.1 Fixes One Third-party Vulnerability
                              6 April 2018
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Tenable SecurityCenter
Operating System:  Linux variants
                   Network Appliance
                   Virtualisation
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-7584
Member content until: Sunday, May 6 2018
Reference:         ESB-2018.0941
                   ESB-2018.0867
                   ESB-2018.0796

OVERVIEW

        A vulnerability has been identified in the PHP module bundled with
        Tenable SecurityCenter prior to version 5.6.2.1. [1]

IMPACT

        The vendor has provided the following details regarding the
        vulnerabilities:

        "SecurityCenter leverages third-party software to help provide
        underlying functionality. One of the third-party components (PHP)
        was found to contain vulnerabilities, and updated versions have
        been made available by the providers.

        Out of caution and in line with good practice, Tenable opted to
        upgrade the bundled PHP to address the potential impact of these
        issues on SecurityCenter. SecurityCenter 5.6.2.1 updates PHP to
        version 5.6.34 to address the identified vulnerabilities.
        References for the issues are below:

        PHP Stack Buffer Overflow Vulnerability (CVE-2018-7584)

        CVE ID:                      CVE-2018-7584
        Tenable Advisory ID:         TNS-2018-03
        Risk Factor:                 High
        CVSSv2 Base / Temporal Score: 7.5 / 5.9
        CVSSv2 Vector:               AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C" [1][2]

MITIGATION

        Tenable advises users to upgrade to the latest version.

        "Tenable has released SecurityCenter 5.6.2.1 to address this issue.
        The new version can be obtained from the Tenable Support Portal" [1][3]

REFERENCES

        [1] [R1] SecurityCenter 5.6.2.1 Fixes One Third-party Vulnerability
            http://www.tenable.com/security/tns-2018-03

        [2] [CVE-MITRE] Stack-based buffer under-read while parsing an HTTP
            response in the php_stream_url_wrap_http_ex function
            http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7584

        [3] Tenable Support Portal
            https://support.tenable.com/support-center/index.php?x=&mod_id=160

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision
to follow or act on information or advice contained in this security
bulletin is the responsibility of each user or organisation, and should be
considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
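For the upgrade check the bulletin asks for, the following added example (not part of the AusCERT bulletin or of Tenable's code) compares a reported SecurityCenter or bundled-PHP version against the fixed versions stated above, using numeric tuple comparison so that 5.6.9 is correctly treated as older than 5.6.34. The sample `php -v` banner is constructed, and the PHP check is deliberately limited to the 5.6 branch that the bulletin describes.

```python
import re

# Fix thresholds stated in ASB-2018.0070 / TNS-2018-03:
# SecurityCenter 5.6.2.1 ships PHP 5.6.34, which addresses CVE-2018-7584.
FIXED_SECURITYCENTER = (5, 6, 2, 1)
FIXED_PHP_56 = (5, 6, 34)


def parse_version(text):
    """Return the first dotted numeric version in `text` as a tuple of ints.

    A tuple compares component by component, so (5, 6, 9) < (5, 6, 34),
    whereas the plain strings compare the other way round ("9" > "3").
    """
    match = re.search(r"(\d+(?:\.\d+)+)", text)
    if not match:
        raise ValueError("no dotted version found in %r" % text)
    return tuple(int(part) for part in match.group(1).split("."))


def securitycenter_affected(version_text):
    """True when SecurityCenter is older than 5.6.2.1 (e.g. "5.6.2")."""
    return parse_version(version_text) < FIXED_SECURITYCENTER


def php56_affected(php_banner):
    """True when a PHP 5.6.x banner predates 5.6.34, False when it does not.

    Returns None for any other PHP branch: the bulletin only states the
    fixed version for the 5.6 series bundled with SecurityCenter, so the
    check makes no claim about other branches.
    """
    version = parse_version(php_banner)
    if version[:2] != (5, 6):
        return None
    return version < FIXED_PHP_56


if __name__ == "__main__":
    # Constructed banner in the shape printed by `php -v`; not a real host.
    sample_banner = "PHP 5.6.33 (cli) (built: Jan  4 2018 10:00:00)"
    print("bundled PHP affected:", php56_affected(sample_banner))
    print("SecurityCenter 5.6.2 affected:", securitycenter_affected("5.6.2"))
```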