PAN-OS Vulnerabilities Addressed

Monday, February 29, 2016 @ 06:02 PM gHale

Palo Alto Networks updated PAN-OS, the operating system of its enterprise security platform, to fix vulnerabilities.

The most serious of the issues is a critical buffer overflow in the GlobalProtect portal. The vulnerability, caused by the improper handling of a buffer in the processing of SSL VPN requests, can end up exploited to cause a denial-of-service (DoS) condition and crash a device, and possibly even allow remote code execution, the company said in an advisory.

HPS, PAN Team in Security Offering
Cisco Fixes Command Injection Flaw
Cisco Industrial Switch Flaw Unpatched
Cisco Fixes Firewall Vulnerability

Palo Alto Networks also fixed a high severity vulnerability that allows a remote, unauthenticated attacker with access to the device management web interface to execute arbitrary OS commands.

Another issue related to the GlobalProtect portal is a medium severity flaw that can end up leveraged by an unauthenticated attacker with network access to remotely cause the portal to crash.

Palo Alto Networks also published an advisory to point out a low severity issue that allows an authenticated attacker with administrator rights to execute commands on the OS level with root privileges.

The critical and high severity vulnerabilities affect PAN-OS versions 5.0.17, 6.0.12, 6.1.9, 7.0.4 and prior, and they have been patched with the release of PAN-OS 5.0.18, 6.0.13, 6.1.10 and 7.0.5. The medium severity flaw impacts releases 5.0.17, 6.0.12, 6.1.9, 7.0.5 and prior, and it’s resolved in PAN-OS 5.0.18, 6.0.13, 6.1.10, 7.0.5H2 and newer. The low severity issue plagues versions 5.0.17, 5.1.10, 6.0.12, 6.1.9, 7.0.5 and prior, and it has been fixed in 5.0.18, 5.1.11, 6.0.13, 6.1.10 and 7.0.5H2 and newer.

The security researcher that discovered the vulnerabilities will disclose the details at a conference March 16, so users should apply patches as soon as possible, said officials at the SANS Institute.