F5 FirePass 1200 SNMP daemon DoS

2008.07.07
Credit: nnposter
Risk: Low
Local: Yes
Remote: No
CWE: Not in CWE


CVSS Base Score: 7.8/10
Impact Subscore: 6.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

F5 FirePass 1200 SNMP daemon DoS Product: F5 FirePass 1200 http://www.f5.com/products/firepass/ The F5 FirePass 1200 SSL VPN appliance contains a denial-of-service vulnerability in the SNMP daemon. Traversing (walking) OID branch hrSWInstalled in HOST-RESOURCES-MIB (OID 1.3.6.1.2.1.25.6) will cause the daemon to crash. No analysis has been done to determine if the vulnerability is further exploitable. The vulnerability has been identified in version 6.0.2, hotfix 3. However, other versions may be also affected. Solution: Limit network access to the SNMP daemon. Found by: nnposter

References:

http://www.securityfocus.com/bid/30090
http://www.securityfocus.com/archive/1/archive/1/493950/100/0/threaded


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top