IBM BigFix Platform 9.1.x < 9.1.1328.0 / 9.2.x < 9.2.11.19 Multiple Vulnerabilities

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

An infrastructure management application running on the remote host
is affected by multiple vulnerabilities.

Description :

According to its self-reported version, the IBM BigFix Platform
application running on the remote host is 9.1.x prior to 9.1.1328.0 or
9.2.x prior to 9.2.11.19. It is, therefore, affected by multiple
vulnerabilities :

- An out-of-bounds pointer arithmetic error exists in
zlib within file inftrees.c. An unauthenticated, remote
attacker can exploit this, via a specially crafted
document, to cause a denial of service condition.
(CVE-2016-9840)

- An out-of-bounds pointer arithmetic error exists in
zlib within file inffast.c. An unauthenticated, remote
attacker can exploit this, via a specially crafted
document, to cause a denial of service condition.
(CVE-2016-9841)

- A flaw exists in zlib in the z_streamp() function
within file inflate.c that is related to left shifts of
negative numbers. An unauthenticated, remote
attacker can exploit this, via a specially crafted
document, to cause a denial of service condition.
(CVE-2016-9842)

- An out-of-bounds pointer flaw exists in the crc32_big()
function within file crc32.c when handling big-endian
pointer calculations. An unauthenticated, remote
attacker can exploit this, via a specially crafted
document, to cause a denial of service condition.
(CVE-2016-9843)

- A cross-site scripting (XSS) vulnerability exists in
the web-based user interface due to improper validation
of user-supplied input before returning it to users. An
unauthenticated, remote attacker can exploit this, via a
specially crafted request, to execute arbitrary script
code in a user's browser session. (CVE-2017-1203)

- An XML external entity (XXE) injection flaw exists when
parsing XML data due to an incorrectly configured XML
parser accepting XML external entities from untrusted
sources. An authenticated, remote attacker can exploit
this, via specially crafted XML data, to disclose
sensitive information or cause a denial of service
condition. (CVE-2017-1219)

IBM BigFix Platform was formerly known as Tivoli Endpoint Manager, IBM
Endpoint Manager, and IBM BigFix Endpoint Manager.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
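The version comparison described above can be reproduced against an asset inventory. The following is an added example, not Tenable's plugin code; the function names, host names and sample version strings are constructed for illustration, and only the two fixed builds come from this advisory. It compares components as integers, since a string comparison would rank 9.1.999.0 above 9.1.1328.0.

```python
import re

# Fixed builds per branch, taken from the advisory text (9.1.x and 9.2.x only).
FIXED_BUILDS = {(9, 1): (9, 1, 1328, 0), (9, 2): (9, 2, 11, 19)}

_DOTTED = re.compile(r"^\d+(?:\.\d+){1,3}$")


def parse_version(text):
    """Return a 4-tuple of ints, or None if text is not a dotted version."""
    text = (text or "").strip()
    if not _DOTTED.match(text):
        return None
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))  # pad "9.2" to (9, 2, 0, 0)


def classify(reported):
    """Classify one self-reported version string against the advisory ranges."""
    version = parse_version(reported)
    if version is None:
        return "unparseable"      # needs manual review, never assume fixed
    fixed = FIXED_BUILDS.get(version[:2])
    if fixed is None:
        return "out-of-scope"     # branch not addressed by this advisory
    # Tuple comparison is numeric per component: 999 < 1328, 9 < 11.
    return "vulnerable" if version < fixed else "fixed"


def triage(inventory):
    """Map each host to its status; inventory is {host: version string}."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE = {
    "bigfix-a": "9.1.999.0",    # a string compare would wrongly call this fixed
    "bigfix-b": "9.1.1328.0",
    "bigfix-c": "9.2.9.36",
    "bigfix-d": "9.2.11.19",
    "bigfix-e": "9.5.5.193",
    "bigfix-f": "unknown",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host:10} {SAMPLE[host]:12} {status}")
```

As with the plugin itself, the result reflects only the version the application reports, not a test of the underlying flaws.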

See also :

http://www.nessus.org/u?192a2e64
http://www-01.ibm.com/support/docview.wss?uid=swg22006014

Solution :

Upgrade to IBM BigFix Platform version 9.1.1328.0 / 9.2.11.19 or
later.

Risk factor :

Medium / CVSS Base Score : 5.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 102019

Bugtraq ID: 95131, 99871, 99916

CVE ID: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-1203, CVE-2017-1219
