Symantec Protection Engine 7.0.x < 7.0.5 HF02 / 7.5.x < 7.5.5 HF01 / 7.8.x < 7.8.0 HF03 Multiple DoS (SYM16-015) (Linux)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

A security application installed on the remote host is affected by
multiple vulnerabilities.

Description :

The version of Symantec Protection Engine (SPE) installed on the
remote Linux host is 7.0.x prior to 7.0.5 hotfix 02, 7.5.x prior to
7.5.5 hotifx 01, or 7.8.x prior to 7.8.0 hotifx 03. It is, therefore,
affected by multiple denial of service vulnerabilities :

- A denial of service vulnerability exists in the
decomposer engine due to an out-of-bounds read error
that occurs when decompressing RAR archives. An
unauthenticated, remote attacker can exploit this, via a
specially crafted RAR file, to crash the application.
(CVE-2016-5309)

- A denial of service vulnerability exists in the
decomposer engine due to memory corruption issue that
occurs when decompressing RAR archives. An
unauthenticated, remote attacker can exploit this, via a
specially crafted RAR file, to crash the application.
(CVE-2016-5310)

See also :

http://www.nessus.org/u?a4125a0d
https://support.symantec.com/en_US/article.INFO3791.html

Solution :

Upgrade to Symantec Protection Engine (SPE) version 7.0.5 HF02 / 7.5.5
HF01 / 7.8.0 HF03 or later per the vendor advisory.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Misc.

Nessus Plugin ID: 93655 ()

Bugtraq ID: 92866
92868

CVE ID: CVE-2016-5309
CVE-2016-5310

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now