SB2023032250 - Multiple vulnerabilities in Tenable.sc
Published: March 22, 2023 Updated: December 6, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) HTTP response splitting (CVE-ID: CVE-2023-27522)
The vulnerability allows a remote attacker to perform HTTP splitting attacks.
The vulnerability exists due to software does not correclty process CRLF character sequences in mod_proxy_uwsgi. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.
Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.
2) HTTP response splitting (CVE-ID: CVE-2023-25690)
The vulnerability allows a remote attacker to perform HTTP splitting attacks.
The vulnerability exists due to software does not correclty process CRLF character sequences in mod_rewrite and mod_proxy. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.
Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.
3) Input validation error (CVE-ID: CVE-2023-0662)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when parsing multipart request body. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
4) Out-of-bounds write (CVE-ID: CVE-2023-0568)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in fopen_wrappers.c. A remote attacker can pass a specially crafted filename to the affected application, trigger a one-byte buffer overflow and crash the application or potentially execute arbitrary code.
Remediation
Install update from vendor's website.