Palo Alto Networks PAN-OS 5.0.9 Multiple Vulnerabilities
Low Nessus Plugin ID 72828
SynopsisThe remote host is affected by multiple vulnerabilities.
DescriptionThe remote host is running version 5.0.9 of Palo Alto Networks PAN-OS.
It is, therefore, affected by multiple vulnerabilities :
- A denial of service vulnerability exists due to an inability to handle IP packets larger than 1480 bytes through an Active/Active VWire setup. An attacker can exploit this vulnerability to cause packet loss.
- A security bypass vulnerability exists due to a flaw in Zone Protection when SYN Cookie is enabled. An attacker can exploit this vulnerability to evade IP spoofing checks. (Ref# 57059)
- A security bypass vulnerability exists due to a flaw in session management when using Global Protect pre-logon mode. (Ref# 58539)
SolutionUpgrade to PAN-OS version 5.0.10 or later.