F5 FirePass SSL VPN Remote Code Execution Vulnerability
Last Update Date:
5 Dec 2012 10:26
Release Date:
5 Dec 2012
5708
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities have been identified in F5 FirePass, which can be exploited by malicious user to include and execute PHP code on the target system.
The 'CitrixAuth.php' script does not properly validate user-supplied input in the 'sessionId' parameter. A remote user can supply a specially crafted URL to cause the target system to include and execute files located on the target system. A remote user can also exploit this flaw to view or delete files located on the target system.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- F5 FirePass 7.0.0 HF-70-6 and prior versions
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply HF-70-7 or HF-388207-1:
http://support.f5.com/kb/en-us/solutions/public/14000/000/sol14046.html
http://support.f5.com/kb/en-us/solutions/public/13000/800/sol13826.html
Vulnerability Identifier
- No CVE information is available
Source
Related Link
- http://securitytracker.com/id/1027832
- http://support.f5.com/kb/en-us/solutions/public/14000/000/sol14046.html
- http://support.f5.com/kb/en-us/solutions/public/13000/800/sol13826.html
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121203-0_F5_FirePass_SSL_VPN_Local_File_Inclusion_v10.txt
Share with