Palo Alto Networks PAN-OS 7.0.7 Multiple Vulnerabilities

critical Nessus Plugin ID 91674

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Palo Alto Networks PAN-OS running on the remote host is 7.0.7. It is, therefore, affected by multiple vulnerabilities :

- A flaw exists in the passive firewall where a VM-series ESXi configuration processes and forwards traffic. No other details are available.

- An unspecified overflow condition exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code.

- An unspecified underflow condition exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to have an unspecified impact. No other details are available.

- A flaw exists in the API interface due to sending inappropriate responses to special requests. An unauthenticated, remote attacker can exploit this to have an unspecified impact. No other details are available.

- A flaw exists in the command line interface (CLI) that allows a local attacker to improperly execute code. No other details are available.

- A flaw exists that is related to the management plane account restrictions. An authenticated, remote attacker can exploit this to cause a denial of service condition.

- A flaw exists when handling improperly formatted API calls to Panorama. An unauthenticated, remote attacker can exploit this to cause a system daemon to stop responding, resulting in a denial of service.

- A flaw exists when handling HTTP GET packets that allows an unauthenticated, remote attacker to bypass the firewall even when the URL filtering profile was configured to block packets in this URL category.

Solution

Upgrade to Palo Alto Networks PAN-OS version 7.1.0 or later.

See Also

http://www.nessus.org/u?f9e38843

Plugin Details

Severity: Critical

ID: 91674

File Name: palo_alto_pan-os_7_1_0.nasl

Version: 1.6

Type: combined

Published: 6/17/2016

Updated: 1/2/2019

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Patch Publication Date: 4/6/2016

Vulnerability Publication Date: 4/6/2016