K8186 : Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000

Security Advisory Description

Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5 security vulnerability response policy.

F5 products and versions that have been evaluated for this Security Advisory

F5 Product Development has determined the likelihood of exploitation is low for the cross-site scripting (XSS) vulnerability disclosed in CVE-2007-5000. Exploiting this vulnerability would require an administrator of an F5 device to interact with a web page crafted by an attacker. Possible attacks could include recovering that administrator or operator’s password to the BIG-IP.

Note: The BIG-IP system ships with themod_imapmodule, however the BIG-IP Configuration utility does not use or rely onmod_imap.

Information about this advisory is available at the following location:

<https://vulners.com/cve/CVE-2007-5000&gt;

F5 Product Development tracked this issue as CR59618 and it was fixed in BIG-IP 9.3.0 and 9.4.0. For information about upgrading, refer to the BIG-IP LTM, GTM, ASM, Link Controller, and WebAccelerator release notes.

Workaround

If you are using a vulnerable version and upgrading is not an immediate option, you can disable mod_imap by performing the following procedure:

1. Log in to the command line.
2. Change directories to the /config/httpd/conf directory by typing the following command:

cd /config/httpd/conf
3. Open the httpd.conffile with a file editor and comment out the mod_imap entry by inserting**#** at the beginning of the following line:

#LoadModule imap_module modules/mod_imap.so
4. Save the httpd.conf file.
5. Restart the httpd daemon by typing the following command:

bigstart restart httpd