
===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2015.0076
A number of vulnerabilities have been identified in Tenable SecurityCenter
                               27 July 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Tenable SecurityCenter
Operating System:     Linux variants
                      VMware ESX Server
                      Network Appliance
Impact/Access:        Execute Arbitrary Code/Commands -- Existing Account
Resolution:           Patch/Upgrade
CVE Names:            CVE-2015-4150 CVE-2015-4149 
Member content until: Wednesday, August 26 2015

OVERVIEW

        A number of vulnerabilities have been identified in Tenable 
        SecurityCenter prior to version 5.0.0.1. [1]


IMPACT

        The vendor has provided the following details regarding these 
        issues:
        
        CVE-2015-4149, CVE-2015-4150: "SecurityCenter contains multiple 
        flaws that may allow an authenticated user to execute remote 
        commands on the device. The issue is due to four separate pages not
        fully sanitizing user-supplied files during upload functions, 
        allowing for the injection of operating system commands. In each 
        case the user must be authenticated to the device, and in two cases
        the account must have sufficient privileges to reach the vulnerable
        functionality.
        
        Three of the issues were reported by Vincent Hutsebaut and are 
        covered by CVE-2015-4149. After receiving the report, Tenable 
        audited additional functionality for the same issue and found one 
        internally, which is covered by CVE-2015-4150 due to their wonky 
        abstraction rules." [1]
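The flaw class the vendor describes above, an upload name reaching an operating-system command without sanitisation, shown as an added defensive example in Python; this is not code from the advisory or from Tenable, and the storage directory, the use of the `file` utility and the hostile sample name are constructed assumptions:

```python
import re
import subprocess
from pathlib import PurePosixPath

# Hypothetical storage directory for uploaded scan files (not from the advisory).
UPLOAD_DIR = PurePosixPath("/var/lib/example/uploads")

# Allow-list for an upload name: no path separators, no shell metacharacters,
# and no leading '-' so the name can never be read as a command option.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


def vulnerable_command(filename: str) -> str:
    """Anti-pattern: the client-supplied upload name is spliced into a shell
    command string, so whatever the shell treats specially in the name becomes
    part of the command. Returned rather than executed so it can be inspected."""
    return f"file {UPLOAD_DIR}/{filename}"


def is_safe_name(filename: str) -> bool:
    """True only when the name matches the allow-list exactly."""
    return SAFE_NAME.fullmatch(filename) is not None


def sanitize_upload_name(filename: str) -> str:
    """Reject (rather than strip) anything outside the allow-list; partial
    cleaning is what leaves residual metacharacters behind."""
    if not is_safe_name(filename):
        raise ValueError(f"rejected upload name: {filename!r}")
    return filename


def safe_argv(filename: str) -> list[str]:
    """Build the command as an argv list: no shell parses it, and '--' ends
    option processing before the path argument."""
    name = sanitize_upload_name(filename)
    return ["file", "--", str(UPLOAD_DIR / name)]


def inspect_upload(filename: str) -> str:
    """Run the type check on a stored upload without ever invoking a shell."""
    result = subprocess.run(safe_argv(filename), capture_output=True,
                            text=True, check=False)
    return result.stdout.strip()


if __name__ == "__main__":
    hostile = "scan.nessus; echo injected"   # constructed hostile upload name
    print(vulnerable_command(hostile))       # a shell would see two commands
    print(safe_argv("weekly-scan.nessus"))   # list form, shell never involved
    print(is_safe_name(hostile))             # False: rejected before any exec
```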


MITIGATION

        It is recommended that users upgrade to the latest version of 
        Tenable SecurityCenter or obtain the relevant patch to correct these
        issues. [1]


REFERENCES

        [1] [R1] Tenable SecurityCenter Post-authentication Remote Command
            Execution
            http://www.tenable.com/security/tns-2015-10

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================