Detections
Analytics
Tenable SecurityCenter < 5.3.0 Multiple Vulnerabilities (TNS-2016-04)
medium Nessus Plugin ID 93343
Language:
Synopsis
The Tenable SecurityCenter application installed on the remote host is affected by multiple vulnerabilities.Description
The Tenable SecurityCenter application installed on the remote host is either prior to version 5.3.0 or is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the Perl-Compatible Regular Expressions (PCRE) library bundled with PHP :- An overflow condition exists in the PCRE library due to improper validation of user-supplied input when handling repeated conditional groups. An attacker can exploit this, via a specially crafted regular expression, to cause a buffer overflow, resulting in a denial of service condition. (CVE-2015-8383)
- An overflow condition exists in the PCRE library due to improper validation of user-supplied input when handling mutual recursions within a 'lookbehind' assertion. An attacker can exploit this to cause a stack-based buffer overflow, resulting in a denial of service condition.
(CVE-2015-8386)
- An integer overflow condition exists in the PCRE library due to improper validation of user-supplied input when handling subroutine calls. An attacker can exploit this, via a specially crafted regular expression, to cause a denial of service condition. (CVE-2015-8387)
- A flaw exists in the PCRE library due to improper handling of the /(?:|a|){100}x/ pattern or other related patterns. An attacker can exploit this, via a specially crafted regular expression, to cause an infinite recursion, resulting in a denial of service condition.
(CVE-2015-8389)
- A flaw exists in the PCRE library due to improper handling of the [: and \\ substrings in character classes. An attacker can exploit this, via a specially crafted regular expression, to cause an uninitialized memory read, resulting in a denial of service condition.
(CVE-2015-8390)
- A flaw exists in the PCRE library in the pcre_compile() function in pcre_compile.c due to improper handling of [: nesting. An attacker can exploit this, via a specially crafted regular expression, to cause an excessive consumption of CPU resources, resulting in a denial of service condition. (CVE-2015-8391)
- A flaw exists in the PCRE library due to improper handling of the '-q' option for binary files. An attacker can exploit this, via a specially crafted file, to disclose sensitive information. (CVE-2015-8393)
- An integer overflow condition exists in the PCRE library due to improper validation of user-supplied input when handling the (?(<digits>) and (?(R<digits>) conditions.
An attacker can exploit this, via a specially crafted regular expression, to cause a denial of service condition. (CVE-2015-8394)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to SecurityCenter version 5.3.0 or later. Alternatively, apply patch SC-201603.1-5.x-rh5-64.tgz / SC-201603.1-5.x-rh6-64.tgz.See Also
Plugin Details
Severity: Medium
ID: 93343
File Name: securitycenter_php_5_6_18.nasl
Version: 1.12
Type: combined
Agent: unix
Family: Misc.
Published: 9/6/2016
Updated: 10/9/2020
Supported Sensors: Nessus Agent, Nessus
Risk Information
CVSS Score Rationale: Score based on analysis of the vendor advisory.
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 4
Temporal Score: 3
Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS Score Source: manual
CVSS v3
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:tenable:securitycenter
Required KB Items: installed_sw/SecurityCenter, Host/SecurityCenter/support/php/version, Host/SecurityCenter/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 3/8/2016
Vulnerability Publication Date: 11/23/2015
Reference Information
CVE: CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394