Buffer overflow in Tenable Nessus in Apple Inc. products - CVE-2016-0718
Published: July 22, 2016 / Updated: January 13, 2017
Vulnerability identifier: #VU200
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red
CVE-ID: CVE-2016-0718
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Tenable Network Security
Oracle
Apple Inc.
Affected software:
Tenable Nessus
Oracle Solaris
Oracle Linux
macOS
Oracle VM Server for x86
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when handling malformed input documents. A remote unauthenticated attacker can trigger a buffer overflow in the Expat XML parser library and execute arbitrary code by sending specially crafted data to a vulnerable server.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
How to mitigate CVE-2016-0718
Install the latest version (6.8).
Sources
- http://www.tenable.com/security/tns-2016-11
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- https://support.apple.com/cs-cz/HT206903