Palo Alto Networks PAN-OS 7.0.x < 7.0.5 Multiple Vulnerabilities

Critical Nessus Plugin ID 91970

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Palo Alto Networks PAN-OS running on the remote host is 7.0.x < 7.0.5. It is, therefore, affected by multiple vulnerabilities :

- A buffer overflow condition exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service or the execution of arbitrary code.
(VulnDB 138972)

- A flaw exists in the API due to sending inappropriate responses to special requests. An unauthenticated, remote attacker can exploit this to have an unspecified impact. (VulnDB 138974)

- An unspecified flaw exists that allows an authenticated, remote attacker to access potentially sensitive information in the system logs. (VulnDB 139991)

- A flaw exists in the firewall functionality due to session timeout values being ignored, which allows administrator sessions to be automatically refreshed.
An unauthenticated, remote attacker can exploit this to more easily gain access to a user's session.
(VulnDB 139992)

- A flaw exists when handling mutated traffic from third-party signature detection software that causes a VM-Series disk to become corrupted and enter maintenance mode. An unauthenticated, remote attacker can exploit this to impact the integrity of the system.
(VulnDB 139993)

- A flaw exists in the firewall functionality that is triggered during the SSL handshake when the firewall receives a Hello packet from the server that has a higher SSL protocol version than the Hello packet received from the client. An unauthenticated, remote attacker can exploit this to cause the dataplane to restart, resulting in a denial of service condition.
(VulnDB 139994)

- A security bypass vulnerability exists in the XML API that allows an authenticated, remote attacker with superuser read-only permissions to bypass intended restrictions and perform a commit. (VulnDB 139995)

- A flaw exists in the firewall functionality due to not accurately checking certificate revocation status via OSCP when the OCSP request does not include the HOST header option. An unauthenticated, remote attacker can exploit this to impact the integrity of the system.
(VulnDB 139996)

Solution

Upgrade to Palo Alto Networks PAN-OS version 7.0.5 or later.

See Also

http://www.nessus.org/u?21ad624a

Plugin Details

Severity: Critical

ID: 91970

File Name: palo_alto_pan-os_7_0_5.nasl

Version: 1.4

Type: combined

Published: 2016/07/07

Modified: 2018/08/08

Dependencies: 72816

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Patch Publication Date: 2016/02/09

Vulnerability Publication Date: 2016/02/09