Home / vulnerabilitiesPDF  

Tanium Arbitrary File Overwrite

Posted on 10 June 2015
Source : packetstormsecurity.org Link

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Earlier today, Tanium was made aware of a potential scripting vulnerability
affecting the Tanium Platform. Our internal investigation revealed
vulnerabilities in some scripts and fixes have been made available via a
content update. No upgrade of the Tanium Platform (including the Tanium
Server, Tanium Console, and Tanium Client) is required to close this
vulnerability.

The vulnerability can be exploited on any version of the Tanium Platform
containing the vulnerable code and can be fixed via a content update. The
vulnerability was found in four Sensors and applies only on Linux, Mac, and
Unix clients.

The vulnerability leverages an insecure temporary file creation process
used by these Sensors. When deployed on Linux, Mac or Unix systems,
non-privileged users can arbitrarily overwrite any file. The attack must
coincide with a legitimate Tanium operator asking a Question or executing
an Action using one of the affected Sensors:
- - Established Connections
- - Established Ports by Application
- - Listen Ports
- - Tanium Client Subnet

Tanium strongly advises customers to take immediate action and perform a
content upgrade. Customers may contact Tanium at support@tanium.com, visit
our Support Portal at http://support.tanium.com, or contact an assigned
Technical Account Manager for additional information or clarification on
content upgrade steps.

Security is of the upmost importance to Tanium and we encourage researchers
to quickly let us know when they find security vulnerabilities. To that
end, if you believe you’ve found a security vulnerability in our product
please send an email to us at security@tanium.com. When reporting
vulnerabilities you can encrypt your message using our PGP key (
https://pgp.mit.edu/pks/lookup?op=get&search=0xD279B5765DFC25D8). Please
try and provide as much information in your report, such as version
information and any proof-of-concept code or special configurations
required to reproduce the issue. Once your message is received our security
and engineering teams will review your submission and provide a response as
quickly as possible.

Justin Burke
Staff Software Engineer, Tanium Inc.
jburke@tanium.com

-----BEGIN PGP SIGNATURE-----

iQF8BAEBCgBmBQJVcUZKXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREREM3MjMyRjIxQjFDQTdFRUY0RkQ0ODQx
MDU1RERBNEIxM0FDMkJGAAoJEBBV3aSxOsK/JYMH/AkPXLD9mMUVOLbi9KH7zxKZ
MsmcMixtaNdnwvqbE4m8RkzxAn2NNVGGg1JthO4oLpqWjI/uS4J2ibFIgZ2H77Kt
8e2iPKKm3huZU2lpiwBETShMI/QsZiZvVHMdfmHSy+SmpWFSfLQGjAdUIiAfQ72A
hyu6PkUs2iIT0fcUhaFX9as6LoSHPB/6o00zx1SOcXP816sZrY5QikIBYLBe0wGJ
obpvRTpjuHyBoK/AwhKBA9P4uvM104TYVl8pH6R+h3MIEw2UGMbWcJK98l18JIh5
AwvCMPO0L2lSHZD/RPytkV0tP2zDSCb9Wylklx7qC0Y5aZG/8nfB+JhVyoCIVs4=
=VGf8
-----END PGP SIGNATURE-----

 

TOP