Palo Alto Networks PAN-OS 7.0.x < 7.0.5 Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by multiple vulnerabilities.

Description :

The version of Palo Alto Networks PAN-OS running on the remote host is
7.0.x < 7.0.5. It is, therefore, affected by multiple vulnerabilities :

- A buffer overflow condition exists due to improper
validation of user-supplied input. An unauthenticated,
remote attacker can exploit this to cause a denial of
service or the execution of arbitrary code.
(VulnDB 138972)

- A flaw exists in the API due to sending inappropriate
responses to special requests. An unauthenticated,
remote attacker can exploit this to have an unspecified
impact. (VulnDB 138974)

- An unspecified flaw exists that allows an authenticated,
remote attacker to access potentially sensitive
information in the system logs. (VulnDB 139991)

- A flaw exists in the firewall functionality due to
session timeout values being ignored, which allows
administrator sessions to be automatically refreshed.
An unauthenticated, remote attacker can exploit this to
more easily gain access to a user's session.
(VulnDB 139992)

- A flaw exists when handling mutated traffic from
third-party signature detection software that causes a
VM-Series disk to become corrupted and enter maintenance
mode. An unauthenticated, remote attacker can exploit
this to impact the integrity of the system.
(VulnDB 139993)

- A flaw exists in the firewall functionality that is
triggered during the SSL handshake when the firewall
receives a Hello packet from the server that has a
higher SSL protocol version than the Hello packet
received from the client. An unauthenticated, remote
attacker can exploit this to cause the dataplane to
restart, resulting in a denial of service condition.
(VulnDB 139994)

- A security bypass vulnerability exists in the XML API
that allows an authenticated, remote attacker with
superuser read-only permissions to bypass intended
restrictions and perform a commit. (VulnDB 139995)

- A flaw exists in the firewall functionality due to not
accurately checking certificate revocation status via
OSCP when the OCSP request does not include the HOST
header option. An unauthenticated, remote attacker can
exploit this to impact the integrity of the system.
(VulnDB 139996)

See also :

http://www.nessus.org/u?21ad624a

Solution :

Upgrade to Palo Alto Networks PAN-OS version 7.0.5 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Palo Alto Local Security Checks

Nessus Plugin ID: 91970 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now