article Palo Alto Networks Security Advisories [20-July-2017] in PSIRT Articles https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-20-july-2017/ta-p/167560 <DIV class="lia-message-template-content-zone"><P>Palo Alto Networks has published 3 new and 2 updated Security Advisory addressing several security issue to <A href="https://securityadvisories.paloaltonetworks.com/" target="_self">https://securityadvisories.paloaltonetworks.com/</A> .</P> <P>&nbsp;</P> <P><STRONG>New Security Advisories</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0021 - Vulnerability in the PAN-OS DNS Proxy</STRONG></P> <UL> <LI>Critical Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.16, PAN-OS 7.1.10, PAN-OS 8.0.3</LI> <LI>Affects DNS Proxy of PAN-OS</LI> <LI>CVE-2017-8390</LI> <LI><A href="https://live.paloaltonetworks.com/t5/Customer-Advisories/FAQ-for-Palo-Alto-Networks-Security-Advisory-PAN-SA-2017-0021/ta-p/167549" target="_self">FAQ</A>&nbsp;</LI> </UL> <P><STRONG>PAN-SA-2017-0020 - Cross-Site Scripting in PAN-OS</STRONG></P> <UL> <LI>Medium Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.16, PAN-OS 7.1.11, PAN-OS 8.0.3</LI> <LI>Affects the GlobalProtect external interface of PAN-OS</LI> <LI>CVE-2017-9467</LI> </UL> <P><STRONG>PAN-SA-2017-0019 - Cross-Site Scripting in the Management Web Interface</STRONG></P> <UL> <LI>Medium Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.16, PAN-OS 7.1.11, PAN-OS 8.0.3</LI> <LI>Affects the Management Interface of PAN-OS</LI> <LI>CVE-2017-9459</LI> </UL> <P><STRONG>Updated Security Advisories</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0017 - OpenSSL Vulnerability</STRONG></P> <UL> <LI>6.1.18 Fix available</LI> </UL> <P><STRONG>PAN-SA-2017-0018 - Kernel Vulnerability</STRONG></P> <UL> <LI>6.1.18 Fix available</LI> </UL> <P>Details of the issues, affected versions, and any mitigation information can be found in the Security Advisories.

</P> <P>&nbsp;</P> <P>Please visit our Security Advisories website to learn more at <A href="https://securityadvisories.paloaltonetworks.com/" target="_self">https://securityadvisories.paloaltonetworks.com/</A></P> <P>&nbsp;</P> <P>

If you have questions, please contact support <A href="https://www.paloaltonetworks.com/company/contact-support

" target="_self">https://www.paloaltonetworks.com/company/contact-support

</A></P> <P>&nbsp;</P> <P>Regards
</P> <P>Product Security Incident Response Team
<BR />Palo Alto Networks</P> </DIV> Thu, 20 Jul 2017 20:37:28 GMT kshorrock 2017-07-20T20:37:28Z Palo Alto Networks Security Advisories [20-July-2017] https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-20-july-2017/ta-p/167560 <DIV class="lia-message-template-content-zone"><P>Palo Alto Networks has published 3 new and 2 updated Security Advisory addressing several security issue to <A href="https://securityadvisories.paloaltonetworks.com/" target="_self">https://securityadvisories.paloaltonetworks.com/</A> .</P> <P>&nbsp;</P> <P><STRONG>New Security Advisories</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0021 - Vulnerability in the PAN-OS DNS Proxy</STRONG></P> <UL> <LI>Critical Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.16, PAN-OS 7.1.10, PAN-OS 8.0.3</LI> <LI>Affects DNS Proxy of PAN-OS</LI> <LI>CVE-2017-8390</LI> <LI><A href="https://live.paloaltonetworks.com/t5/Customer-Advisories/FAQ-for-Palo-Alto-Networks-Security-Advisory-PAN-SA-2017-0021/ta-p/167549" target="_self">FAQ</A>&nbsp;</LI> </UL> <P><STRONG>PAN-SA-2017-0020 - Cross-Site Scripting in PAN-OS</STRONG></P> <UL> <LI>Medium Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.16, PAN-OS 7.1.11, PAN-OS 8.0.3</LI> <LI>Affects the GlobalProtect external interface of PAN-OS</LI> <LI>CVE-2017-9467</LI> </UL> <P><STRONG>PAN-SA-2017-0019 - Cross-Site Scripting in the Management Web Interface</STRONG></P> <UL> <LI>Medium Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.16, PAN-OS 7.1.11, PAN-OS 8.0.3</LI> <LI>Affects the Management Interface of PAN-OS</LI> <LI>CVE-2017-9459</LI> </UL> <P><STRONG>Updated Security Advisories</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0017 - OpenSSL Vulnerability</STRONG></P> <UL> <LI>6.1.18 Fix available</LI> </UL> <P><STRONG>PAN-SA-2017-0018 - Kernel Vulnerability</STRONG></P> <UL> <LI>6.1.18 Fix available</LI> </UL> <P>Details of the issues, affected versions, and any mitigation information can be found in the Security Advisories.

</P> <P>&nbsp;</P> <P>Please visit our Security Advisories website to learn more at <A href="https://securityadvisories.paloaltonetworks.com/" target="_self">https://securityadvisories.paloaltonetworks.com/</A></P> <P>&nbsp;</P> <P>

If you have questions, please contact support <A href="https://www.paloaltonetworks.com/company/contact-support

" target="_self">https://www.paloaltonetworks.com/company/contact-support

</A></P> <P>&nbsp;</P> <P>Regards
</P> <P>Product Security Incident Response Team
<BR />Palo Alto Networks</P> </DIV> Thu, 20 Jul 2017 20:37:28 GMT https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-20-july-2017/ta-p/167560 kshorrock 2017-07-20T20:37:28Z