IBM BigFix Platform 9.x < 220.127.116.111 / 18.104.22.168 / 22.214.171.124 Multiple Vulnerabilities
Critical Nessus Plugin ID 96177
SynopsisAn infrastructure management application running on the remote host is affected by multiple vulnerabilities.
DescriptionAccording to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.0.x or 9.1.x prior to 126.96.36.1991, 9.2.x prior to 188.8.131.52, or 9.5.x prior to 184.108.40.206. It is, therefore, affected by multiple vulnerabilities :
- A remote code execution vulnerability exists due to a use-after-free race condition. An unauthenticated, remote attacker can exploit this to execute arbitrary code.
- A denial of service vulnerability exists that is triggered when handling specially crafted XMLSchema requests. An unauthenticated, adjacent attacker can exploit this to crash the BES Server. Note that this issue only affects 9.0.x or 9.1.x versions prior to 9.1.9. (CVE-2016-6084)
- A denial of service vulnerability exists in the BES Root Server and BES Relay Memory due to improper handling of user-supplied input. An unauthenticated, adjacent attacker can exploit this to cause the system to crash.
Note that, additionally, several vulnerabilities possibly also exist in the bundled version of OpenSSL included in versions 9.0.x.
IBM BigFix Platform was formerly known as Tivoli Endpoint Manager, IBM Endpoint Manager, and IBM BigFix Endpoint Manager.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to IBM BigFix Platform version 220.127.116.111 / 18.104.22.168 / 22.214.171.124 or later.