copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ASB-2016.0033 - [RedHat][CentOS] Tenable Log Correlation Engine: Denial of service - Remote with user interaction

Date: 29 March 2016
References: ESB-2015.3240  ESB-2016.1114  ESB-2016.1241  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2016.0033
 A vulnerability has been identified in the Tenable Log Correlation Engine
                               29 March 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Tenable Log Correlation Engine
Operating System:     Red Hat
                      CentOS
Impact/Access:        Denial of Service -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2015-8035  
Member content until: Thursday, April 28 2016
Reference:            ESB-2015.3240

OVERVIEW

        A vulnerability has been identified in the Tenable Log Correlation
        Engine prior to version 4.8.0. [1]


IMPACT

        The vendor has provided the following information:
        
        "CVE-2015-8035 - Libxml2 contains an infinite loop condition in the 
        xz_decomp() function in xzlib.c that is triggered when handling xz 
        compressed XML content. This may allow a context-dependent attacker
        to exhaust available system resources." [1]


MITIGATION

        The vendor recommends updating to the latest version. [1]


REFERENCES

        [1] [R1] Log Correlation Engine (LCE) 4.8.0 Updates Libxml2
            http://www.tenable.com/security/tns-2016-06

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVvocxH6ZAP0PgtI9AQIzHQ//QHwLb+hcBEGN7cQkkU7TxaAL9q94jrv+
6Uu2fnb9db+FdCcvBGRi22qgNo4PleujVITpgv0uEjRiL2M95Mc+fzs6vfDM24wA
bewQDHgrlHlmTfLu8MCWI+5opSnyBtKd2219W34Sd0OhsmIFtbdzEqvBpeQMo+dK
86WWjJl13GOhhjkckQGut5t9T8WIibv1MHXRHukRypM5yFDFb7C8bexPen7F9TYw
8+o+q2zruYSG1mYvlEjjjeyfGc82+h5Flyul3OarwIL1BQl7chlnBJ8x8IyKp/J+
ltyh1Ve0llsFe+cFjc6Ym1OJiA9Ll06on1tOQnF/cjS1hegzHwhlkikQUyqrwgM1
AX6CT8L///eklgGElrEBHlEeTnQ0Fc8dABR6HghQ3TOnaq2vOf2/slDrJ1VguMln
auu6hshniTQwmtXu+dYyipvbSdo8fYp/SkV2qilvZhHFVhN/tNFQxAQeELelcj2y
fR0JswZgJvycAx+K8KOJmNIrpGQeayXfFlNICCHQXrz2Oq43vFNeI2IzTbpImBnD
2GdAGUKt6/8iyq1j9559Ya+9s//HGBf8Yd8vhCoBlKJQWsvp3PC17RHo9bO76lSY
5EflmhZKhMTf3Mt9VUwPqTJDWg0Q9p8fFMgo0Uj69kENcwBq4McMufGonV3dQyyo
J5UDxEFHFRs=
=lPh3
-----END PGP SIGNATURE-----