F5 FirePass 1200 SNMP daemon DoS

2008-07-06 / 2008-07-07

Credit: nnposter

Risk: Low

Local: Yes

Remote: No

CVE: CVE-2008-3149

CWE: Not in CWE

CVSS Base Score: 7.8/10

Impact Subscore: 6.9/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Complete

 F5 FirePass 1200 SNMP daemon DoS
Product: F5 FirePass 1200
http://www.f5.com/products/firepass/
The F5 FirePass 1200 SSL VPN appliance contains a denial-of-service vulnerability in the SNMP daemon. Traversing (walking) OID branch hrSWInstalled in HOST-RESOURCES-MIB (OID 1.3.6.1.2.1.25.6) will cause the daemon to crash. No analysis has been done to determine if the vulnerability is further exploitable.
The vulnerability has been identified in version 6.0.2, hotfix 3. However, other versions may be also affected.
Solution:
Limit network access to the SNMP daemon.
Found by:
nnposter

References:

http://www.securityfocus.com/bid/30090

http://www.securityfocus.com/archive/1/archive/1/493950/100/0/threaded

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

F5 FirePass 1200 SNMP daemon DoS

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.