F5 FirePass 1200 SNMP daemon DoS

2008-07-06 / 2008-07-07

Credit: nnposter

Risk: Low

Local: Yes

Remote: No

CVE: CVE-2008-3149

CWE: Not in CWE

Ogólna skala CVSS: 7.8/10

Znaczenie: 6.9/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Brak

Wpływ na integralność: Brak

Wpływ na dostępność: Pełny

 F5 FirePass 1200 SNMP daemon DoS
Product: F5 FirePass 1200
http://www.f5.com/products/firepass/
The F5 FirePass 1200 SSL VPN appliance contains a denial-of-service vulnerability in the SNMP daemon. Traversing (walking) OID branch hrSWInstalled in HOST-RESOURCES-MIB (OID 1.3.6.1.2.1.25.6) will cause the daemon to crash. No analysis has been done to determine if the vulnerability is further exploitable.
The vulnerability has been identified in version 6.0.2, hotfix 3. However, other versions may be also affected.
Solution:
Limit network access to the SNMP daemon.
Found by:
nnposter

Referencje:

http://www.securityfocus.com/bid/30090

http://www.securityfocus.com/archive/1/archive/1/493950/100/0/threaded

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

F5 FirePass 1200 SNMP daemon DoS

Referencje:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.