FirePass contains a flaw that may allow a malicious user to bypass web filter restrictions. The issue is triggered when a user submits an IP address in a URL as a dotless, decimal value, which may allow to bypass any 'deny' statements that may have otherwise affected the IP address, resulting in a loss of integrity.

User of series 5 of the software should upgrade to version 5.5.2. There is also a feature release for verson 6 which addresses this issue. Users of 5.5.1 should contact the vendor for a hotfix. These measure have been reported to address this vulnerability.

• CVE ID: 2007-0188 (see also: NVD)
• Bugtraq ID: 21957
• Secunia Advisory ID: 23640
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0141.html
• Other Advisory URL: http://www.mnin.org/advisories/2007_firepass.pdf
• Vendor Specific News/Changelog Entry: https://tech.f5.com/home/solutions/sol6922.html

• Michael Ligh - mnin.org
• Greg Sinclair -