OSVDB ID: 35246

Title: F5 FirePass 4100 SSL VPN my.activation.php3 username Variable Arbitrary Command Injection

Info

Disclosure

Jun 04, 2007

Discovery

Feb 14, 2007

Dates

Exploit

Unknown

Solution

Unknown

Description

F5 Firepass 4100 contains a flaw that may allow a malicious user to execute arbitrary shell commands. The issue is triggered due to the 'username' variable in script 'my.activation.php3' does not properly verify user-supplied input. It is possible that the flaw may allow code execution under unspecified circumstances resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, F5 Networks has released a patch (HF-75705-76003-1) to address this vulnerability.

Products

F5 Networks, Inc.

FirePass

4100

References

Security Tracker: 1018190
CVE ID: 2007-3097 (see also: NVD)
Bugtraq ID: 24306
Secunia Advisory ID: 25563
ISS X-Force ID: 34708
VUPEN Advisory: ADV-2007-2073
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-06/0027.html
Vendor URL: http://www.f5.com
Other Advisory URL: http://www.s21sec.com/avisos/s21sec-035-en.txt
Vendor Specific Advisory URL: https://tech.f5.com/home/solutions/sol167.html

Credit

Leonardo Nve - lnves21sec.com - S21sec

Direct URL: http://osvdb.org/36218