
FireEye Operating System Multiple Vulnerabilities

Published: 07 Mar 2016 00:00:00 | Reported by: Tenable | Type: nessus | Source: www.tenable.com

FireEye OS vulnerabilities: missing security patch

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

# Registration branch: when the plugin is loaded with `description` set, only
# the metadata below is declared and the script exits at the end of this block
# without running the version check that follows it in the file.
if (description)
{
  script_id(89724);
  script_version("1.7");
  script_cvs_date("Date: 2019/01/02 11:18:37");


  # No CVE or BID identifier is registered anywhere in this block, so a finding
  # has to be correlated through the plugin id and the vendor advisory below.
  script_name(english:"FireEye Operating System Multiple Vulnerabilities");
  script_summary(english:"Checks the version of FEOS.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch.");
  # Two issues are described: analysis-engine evasion through a previously
  # whitelisted file name, and post-authentication plaintext rendering in the
  # web UI. The closing NOTE says FX 7.5.0 is affected by the first only.
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of FireEye Operating System
(FEOS) that is missing a vendor-supplied security patch. It is,
therefore, affected by multiple vulnerabilities :

  - A flaw exists in the Virtual Execution Engine (VXE)
    during the handling of file names that were previously
    flagged for the whitelist. A remote attacker can exploit
    this, via subsequent malicious files with the same file
    name, to bypass the analysis engine.

  - A flaw exists when handling a specially crafted URL that
    allows an authenticated, remote attacker to render
    plaintext in the web user interface post-authentication,
    resulting in the disclosure of sensitive information.

  NOTE: FX version 7.5.0 is affected by the Analysis Engine Evasion
  vulnerability, but NOT the URL Encoded Bypass vulnerability.
");
  # The see_also value is a short link; the comment below records the vendor
  # advisory URL it presumably resolves to.
  # https://www.fireeye.com/content/dam/fireeye-www/support/pdfs/2015-q4-security-vulnerability-advisory.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ab6d5aa8");
  script_set_attribute(attribute:"solution", value:
"Apply the relevant patch referenced in the vendor advisory.");
  # CVSS v2 base vector: network access, low complexity, single authentication,
  # complete integrity impact, no confidentiality or availability impact.
  # NOTE(review): the second issue above is described as information disclosure,
  # yet confidentiality is rated none; presumably the vector scores only the
  # analysis-engine evasion. Confirm against the advisory before relying on the
  # score for prioritisation.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N");
  # Temporal vector: exploitability unproven, official fix available, report
  # confirmed.
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/12/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/07");

  # Declared as a local check: nothing in this file probes the appliance; the
  # verdict comes from the KB keys required below.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fireeye:feos");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Firewalls");

  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # The two required keys are presumably populated by the dependency named
  # here; that plugin is not visible in this file. If it stores no series or
  # version for a host, this plugin produces no finding for that host.
  script_dependencies("fireeye_os_version.nbin");
  script_require_keys("Host/FireEye/series", "Host/FireEye/version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

# Version-only check: the verdict rests entirely on the series and version
# strings read from the KB. Nothing here inspects patch state on the appliance
# or exercises either flaw.
app_name = "FireEye OS";
series = get_kb_item_or_exit("Host/FireEye/series");
version = get_kb_item_or_exit("Host/FireEye/version");

# Per-series threshold: a version below min_fixed is reported.
#  - CM is compared against 7.5.0 but the report names 7.6.2 as the fix, so a
#    CM build at or above 7.5.0 and below 7.6.2 is audited as not affected.
#  - FX is compared against 7.5.1; FX 7.5.0 is therefore reported although it
#    would not be affected by the URL-encoded issue.
#  - Any series not listed here is audited as not affected, which only means
#    this check does not cover it.
if (series == "CM")
{
  min_fixed = "7.5.0";
  shown_fix = "7.6.2";
}
else if (series == "NX") min_fixed = "7.6.1";
else if (series == "EX") min_fixed = "7.6.2";
else if (series == "FX") min_fixed = "7.5.1";
else if (series == "AX") min_fixed = "7.7.0";
else audit(AUDIT_DEVICE_NOT_VULN, "FireEye "+series);

# Only a result of exactly -1 counts as outdated. Every other result ends in
# the not-affected audit, including whatever ver_compare yields for a version
# string it cannot compare (presumably NULL; confirm).
outdated = FALSE;
if (ver_compare(ver:version, fix:min_fixed, strict:FALSE) == -1) outdated = TRUE;

if (!outdated) audit(AUDIT_DEVICE_NOT_VULN, "FireEye "+series, version);
else
{
  # Series without a separate display value show the comparison threshold.
  if (empty_or_null(shown_fix)) shown_fix = min_fixed;

  details = '\n  Series            : ' + series;
  details = details + '\n  Installed version : ' + version;
  details = details + '\n  Fixed version     : ' + shown_fix;
  details = details + '\n';

  # The finding is attached to port 0.
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : details
  );
  exit(0);
}
