Palo Alto Networks PAN-OS 7.0.7 Multiple Vulnerabilities

Critical Nessus Plugin ID 91674

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Palo Alto Networks PAN-OS running on the remote host is 7.0.7. It is, therefore, affected by multiple vulnerabilities:

- A flaw exists in the passive firewall where a VM-series ESXi configuration processes and forwards traffic. No other details are available. (VulnDB 138971)

- An unspecified overflow condition exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (VulnDB 138972)

- An unspecified underflow condition exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to have an unspecified impact. No other details are available. (VulnDB 138973)

- A flaw exists in the API interface due to sending inappropriate responses to special requests. An unauthenticated, remote attacker can exploit this to have an unspecified impact. No other details are available. (VulnDB 138974)

- A flaw exists in the command line interface (CLI) that allows a local attacker to improperly execute code. No other details are available. (VulnDB 138975)

- A flaw exists that is related to the management plane account restrictions. An authenticated, remote attacker can exploit this to cause a denial of service condition. (VulnDB 138976)

- A flaw exists when handling improperly formatted API calls to Panorama. An unauthenticated, remote attacker can exploit this to cause a system daemon to stop responding, resulting in a denial of service. (VulnDB 138977)

- A flaw exists when handling HTTP GET packets that allows an unauthenticated, remote attacker to bypass the firewall even when the URL filtering profile is configured to block packets in this URL category. (VulnDB 138978)

Solution

Upgrade to Palo Alto Networks PAN-OS version 7.1.0 or later.

See Also

http://www.nessus.org/u?f9e38843

Plugin Details

Severity: Critical

ID: 91674

File Name: palo_alto_pan-os_7_1_0.nasl

Version: 1.5

Type: combined

Published: 2016/06/17

Modified: 2018/08/08

Dependencies: 72816

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Patch Publication Date: 2016/04/06

Vulnerability Publication Date: 2016/04/06