Palo Alto Networks PAN-OS 7.0.7 Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by multiple vulnerabilities.

Description :

The version of Palo Alto Networks PAN-OS running on the remote host is
7.0.7. It is, therefore, affected by multiple vulnerabilities :

- A flaw exists where the passive firewall in a VM-Series
ESXi configuration processes and forwards traffic. No
other details are available. (VulnDB 138971)

- An unspecified overflow condition exists due to improper
validation of user-supplied input. An unauthenticated,
remote attacker can exploit this to cause a denial of
service condition or the execution of arbitrary code.
(VulnDB 138972)

- An unspecified underflow condition exists due to
improper validation of user-supplied input. An
unauthenticated, remote attacker can exploit this to
have an unspecified impact. No other details are
available. (VulnDB 138973)

- A flaw exists in the API interface due to sending
inappropriate responses to special requests. An
unauthenticated, remote attacker can exploit this to
have an unspecified impact. No other details are
available. (VulnDB 138974)

- A flaw exists in the command line interface (CLI) that
allows a local attacker to improperly execute code. No
other details are available. (VulnDB 138975)

- A flaw exists that is related to the management plane
account restrictions. An authenticated, remote attacker
can exploit this to cause a denial of service condition.
(VulnDB 138976)

- A flaw exists when handling improperly formatted API
calls to Panorama. An unauthenticated, remote attacker
can exploit this to cause a system daemon to stop
responding, resulting in a denial of service.
(VulnDB 138977)

- A flaw exists when handling HTTP GET packets that allows
an unauthenticated, remote attacker to bypass the
firewall even when the URL filtering profile is
configured to block packets in the corresponding URL
category. (VulnDB 138978)

See also :

http://www.nessus.org/u?f9e38843

Solution :

Upgrade to Palo Alto Networks PAN-OS version 7.1.0 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Palo Alto Local Security Checks

Nessus Plugin ID: 91674

Bugtraq ID:

CVE ID:
