Tenable SecurityCenter Multiple PHP Vulnerabilities (TNS-2015-06)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.

Synopsis :

The remote application is affected by multiple vulnerabilities.

Description :

The SecurityCenter application installed on the remote host is
affected by multiple vulnerabilities in the bundled version of PHP
that is prior to version 5.4.41. It is, therefore, affected by the
following vulnerabilities :

- Multiple flaws exist related to using pathnames
containing NULL bytes. A remote attacker can exploit
these flaws, by combining the '\0' character with a safe
file extension, to bypass access restrictions. This had
been previously fixed but was reintroduced by a
regression in versions 5.4+. (CVE-2006-7243,

- Multiple heap buffer overflow conditions exist in the
bundled Perl-Compatible Regular Expression (PCRE)
library due to improper validation of user-supplied
input to the compile_branch() and pcre_compile2()
functions. A remote attacker can exploit these
conditions to cause a heap-based buffer overflow,
resulting in a denial of service condition or the
execution of arbitrary code. (CVE-2015-2325,

- A flaw exists in the multipart_buffer_headers() function
in rfc1867.c due to improper handling of
multipart/form-data in HTTP requests. A remote attacker
can exploit this flaw to cause a consumption of CPU
resources, resulting in a denial of service condition.

See also :


Solution :

Apply the relevant patch referenced in the vendor advisory.

Risk factor :

Critical / CVSS Base Score : 10.0

Family: Misc.

Nessus Plugin ID: 85566 ()

Bugtraq ID: 44951

CVE ID: CVE-2006-7243

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now