Tenable SecurityCenter < 5.0.1 Multiple RCE (TNS-2015-10)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by multiple
remote code execution vulnerabilities.

Description :

According to its version, the installation of Tenable SecurityCenter
on the remote host is affected by multiple remote code execution
vulnerabilities :

- A flaw exists due to improper sanitization of
user-supplied files during upload functions. An
authenticated, remote attacker can exploit this, by
uploading a dashboard for another user, to execute
arbitrary code when the server processes the file.

- A flaw exists due to improper sanitization of
user-supplied files during upload functions. An
authenticated, remote attacker can exploit this, by
uploading a custom plugin or custom passive plugin with
a specially crafted archive file name, to execute
arbitrary code when the server processes the file.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www.tenable.com/security/tns-2015-10

Solution :

Upgrade to Tenable SecurityCenter version 4.6.2.2 / 4.7.1 / 4.8.2 and
apply the appropriate patch referenced in the vendor advisory.
Alternatively, upgrade to version 5.0.1 or later.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)

Family: Misc.

Nessus Plugin ID: 85183 ()

Bugtraq ID:

CVE ID: CVE-2015-4149
CVE-2015-4150

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now