Tenable SecurityCenter < 5.3.0 Multiple Vulnerabilities (TNS-2016-04)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The Tenable SecurityCenter application installed on the remote host is
affected by multiple vulnerabilities.

Description :

The Tenable SecurityCenter application installed on the remote host is
either prior to version 5.3.0 or is missing a security patch. It is,
therefore, affected by multiple vulnerabilities in the Perl-Compatible
Regular Expressions (PCRE) library bundled with PHP :

- An overflow condition exists in the PCRE library due to
improper validation of user-supplied input when handling
repeated conditional groups. An attacker can exploit
this, via a specially crafted regular expression, to
cause a buffer overflow, resulting in a denial of
service condition. (CVE-2015-8383)

- An overflow condition exists in the PCRE library due to
improper validation of user-supplied input when handling
mutual recursions within a 'lookbehind' assertion. An
attacker can exploit this to cause a stack-based buffer
overflow, resulting in a denial of service condition.
(CVE-2015-8386)

- An integer overflow condition exists in the PCRE library
due to improper validation of user-supplied input when
handling subroutine calls. An attacker can exploit this,
via a specially crafted regular expression, to cause a
denial of service condition. (CVE-2015-8387)

- A flaw exists in the PCRE library due to improper
handling of the /(?:|a|){100}x/ pattern or other related
patterns. An attacker can exploit this, via a specially
crafted regular expression, to cause an infinite
recursion, resulting in a denial of service condition.
(CVE-2015-8389)

- A flaw exists in the PCRE library due to improper
handling of the [: and \\ substrings in character
classes. An attacker can exploit this, via a specially
crafted regular expression, to cause an uninitialized
memory read, resulting in a denial of service condition.
(CVE-2015-8390)

- A flaw exists in the PCRE library in the pcre_compile()
function in pcre_compile.c due to improper handling of
[: nesting. An attacker can exploit this, via a
specially crafted regular expression, to cause an
excessive consumption of CPU resources, resulting in a
denial of service condition. (CVE-2015-8391)

- A flaw exists in the PCRE library due to improper
handling of the '-q' option for binary files. An
attacker can exploit this, via a specially crafted file,
to disclose sensitive information. (CVE-2015-8393)

- An integer overflow condition exists in the PCRE library
due to improper validation of user-supplied input when
handling the (?(<digits>) and (?(R<digits>) conditions.
An attacker can exploit this, via a specially crafted
regular expression, to cause a denial of service
condition. (CVE-2015-8394)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www.tenable.com/security/tns-2016-04
https://secure.php.net/ChangeLog-5.php#5.6.18

Solution :

Upgrade to SecurityCenter version 5.3.0 or later. Alternatively, apply
patch SC-201603.1-5.x-rh5-64.tgz / SC-201603.1-5.x-rh6-64.tgz.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVSS Temporal Score : 3.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true
