Test ID:	1.3.6.1.4.1.25623.1.0.106826
Category:	Palo Alto PAN-OS Local Security Checks
Title:	Palo Alto PAN-OS Kernel Vulnerability
Summary:	A vulnerability exists in the kernel of PAN-OS that may result in;Information Disclosure.
Description:	Summary: A vulnerability exists in the kernel of PAN-OS that may result in Information Disclosure. Vulnerability Insight: The challenge ACK rate limiting in the kernel's networking subsystem may allow an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. Affected Software/OS: PAN-OS 6.1, PAN-OS 7.0.15 and earlier, PAN-OS 7.1.9 and earlier. Solution: Update to PAN-OS 7.0.16, 7.1.10 or later. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5696 BugTraq ID: 91704 http://www.securityfocus.com/bid/91704 http://www.prnewswire.com/news-releases/mitnick-attack-reappears-at-geekpwn-macau-contest-300270779.html https://github.com/Gnoxter/mountain_goat https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_cao.pdf http://www.openwall.com/lists/oss-security/2016/07/12/2 RedHat Security Advisories: RHSA-2016:1631 http://rhn.redhat.com/errata/RHSA-2016-1631.html RedHat Security Advisories: RHSA-2016:1632 http://rhn.redhat.com/errata/RHSA-2016-1632.html RedHat Security Advisories: RHSA-2016:1633 http://rhn.redhat.com/errata/RHSA-2016-1633.html RedHat Security Advisories: RHSA-2016:1657 http://rhn.redhat.com/errata/RHSA-2016-1657.html RedHat Security Advisories: RHSA-2016:1664 http://rhn.redhat.com/errata/RHSA-2016-1664.html RedHat Security Advisories: RHSA-2016:1814 http://rhn.redhat.com/errata/RHSA-2016-1814.html RedHat Security Advisories: RHSA-2016:1815 http://rhn.redhat.com/errata/RHSA-2016-1815.html RedHat Security Advisories: RHSA-2016:1939 http://rhn.redhat.com/errata/RHSA-2016-1939.html http://www.securitytracker.com/id/1036625 http://www.ubuntu.com/usn/USN-3070-1 http://www.ubuntu.com/usn/USN-3070-2 http://www.ubuntu.com/usn/USN-3070-3 http://www.ubuntu.com/usn/USN-3070-4 http://www.ubuntu.com/usn/USN-3071-1 http://www.ubuntu.com/usn/USN-3071-2 http://www.ubuntu.com/usn/USN-3072-1 http://www.ubuntu.com/usn/USN-3072-2
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.