IBM BigFix Platform 9.x < 9.1.9 / 9.2.x < 9.2.9 / 9.5.x < 9.5.4 Multiple Vulnerabilities

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

An infrastructure management application running on the remote host
is affected by multiple vulnerabilities.

Description :

According to its self-reported version, the IBM BigFix Platform
application running on the remote host is 9.x prior to 9.1.9, 9.2.x
prior to 9.2.9, or 9.5.x prior to 9.5.4. It is, therefore, affected by
multiple vulnerabilities :

- A remote code execution vulnerability exists due to a
use-after-free race condition. An unauthenticated, remote
attacker can exploit this to execute arbitrary code.
(CVE-2016-6082)

- A denial of service vulnerability exists that is
triggered when handling specially crafted XMLSchema
requests. An unauthenticated, adjacent attacker can
exploit this to crash the BES Server. Note that this
issue only affects 9.0.x or 9.1.x versions prior to
9.1.9. (CVE-2016-6084)

- A denial of service vulnerability exists in the BES Root
Server and BES Relay Memory when handling unspecified
user-supplied input. An unauthenticated, adjacent
attacker can exploit this to cause the system to crash.
(CVE-2016-6085)

Note that, additionally, several vulnerabilities possibly also exist
in the bundled version of OpenSSL included in versions 9.0.x.

IBM BigFix Platform was formerly known as Tivoli Endpoint Manager,
IBM Endpoint Manager, and IBM BigFix Endpoint Manager.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21996339
http://www-01.ibm.com/support/docview.wss?uid=swg21996348
http://www-01.ibm.com/support/docview.wss?uid=swg21996375

Solution :

Upgrade to IBM BigFix Platform version 9.1.9 / 9.2.9 / 9.5.4 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 96626 ()

Bugtraq ID: 95286
95291
95297

CVE ID: CVE-2016-6082
CVE-2016-6084
CVE-2016-6085

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now