Detections
Analytics

NetIQ Sentinel < 7.4.1 Multiple Vulnerabilities

medium Nessus Plugin ID 90713

Language:

Synopsis

The NetIQ Sentinel server installed on the remote host is affected by multiple vulnerabilities.

Description

The version of Novell NetIQ Sentinel server installed on the remote host is prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities :

 - A flaw exists in Apache ActiveMQ in the processControlCommand() function within the file broker/TransportConnection.java. An unauthenticated, remote attacker can exploit this, via a specially crafted packet, to cause a denial of service condition.
 (CVE-2014-3576)

 - A flaw exists in the XMLTooling library due to a failure to properly handle integer conversion exceptions. An unauthenticated, remote attacker can exploit this, via a crafted SAML message, to cause a denial of service condition. (CVE-2015-0851)

 - A remote code execution vulnerability exists due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this, by sending a specially crafted serialized Java object via the RMI interface, to execute arbitrary code with the privileges of the application.

Solution

Upgrade to Novell NetIQ Sentinel version 7.4.1 or later.
Alternatively, contact the vendor for a workaround.

See Also

https://download.novell.com/Download?buildid=oY4w8kB7XkI~&patch_redirect=true&old_patch=ZEMvbiAk5k8~

http://www.nessus.org/u?9c6d83db

Plugin Details

Severity: Medium

ID: 90713

File Name: netiq_sentinel_7_4_1_0.nasl

Version: 1.9

Type: remote

Family: Misc.

Published: 4/26/2016

Updated: 11/19/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2015-0851

Vulnerability Information

CPE: cpe:/a:netiq:sentinel

Required KB Items: installed_sw/NetIQ Sentinel

Exploit Ease: No known exploits are available

Patch Publication Date: 3/2/2016

Vulnerability Publication Date: 1/28/2015

Reference Information

CVE: CVE-2014-3576, CVE-2015-0851

BID: 76134, 76272

CERT: 576313