SOL8939 - SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044

2008-07-15T00:00:00
ID SOL8939
Type f5
Reporter f5
Modified 2016-07-25T00:00:00

Description

Information about this advisory is available at the following locations:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960>

<http://www.kb.cert.org/vuls/id/878044>

F5 Product Development tracked this issue as CR99838 for BIG-IP LTM, GTM, ASM, PSM, Link Controller, and WebAccelerator and it was fixed in BIG-IP 9.4.6 and 10.0.0. For information about upgrading, refer to the BIG-IP LTM, GTM, ASM, PSM, Link Controller, or WebAccelerator release notes.

This issue was also tracked as CR99838 for Enterprise Manager, and it was fixed in Enterprise Manager 1.7.0. For information about upgrading, refer to the Enterprise Manager release notes.

F5 Product Development tracked this issue as CR100973 for FirePass and it was fixed in FirePass 6.0.3. For information about upgrading, refer to the FirePass release notes.

This issue still exists in the FirePass 5.x branch.

Additionally, this issue was fixed in Hotfix-BIG-IP-9.3.1-HF3 issued for BIG-IP 9.3.1, Hotfix-BIG-IP-9.4.5-HF2 issued for BIG-IP 9.4.5, Hotfix-BIG-IP-9.6.1-HF2 issued for BIG-IP 9.6.1, and FirePass HF-100973 issued for FirePass 6.0.2. You may download these hotfixes or later versions of the hotfixes from the F5 Downloads site.

To view a list of the latest available hotfixes, refer to SOL9502: BIG-IP hotfix matrix.

For information about the F5 hotfix policy, refer to SOL4918: Overview of F5 critical issue hotfix policy.

For information about how to manage F5 product hotfixes, refer to SOL6845: Managing F5 product hotfixes.

Obtaining and installing patches

You can download patches from the F5 Downloads site for the following products and versions:

Product| Version| Hotfix| Installation File
---|---|---|---
FirePass| 5.5.0| hotfix-100973| HF-100973-1-5.5-ALL-0.tar.gz.enc
FirePass| 5.5.1| hotfix-100973| HF-100973-1-5.51-ALL-0.tar.gz.enc
FirePass| 5.5.2| hotfix-100973| HF-100973-1-5.52-ALL-0.tar.gz.enc
FirePass| 6.0.1| hotfix-100973| HF-100973-1-6.01-ALL-0.tar.gz.enc
FirePass| 6.0.2| hotfix-100973| HF-100973-1-6.02-ALL-0.tar.gz.enc
BIG-IP SAM| 8.0.0| Secure Access Manager 8.0.0 HF1| Hotfix-BIGIP_SAM-8.0.0-1561.0-HF1.im

Workaround

You can work around this issue for FirePass by disabling the SNMP agent. To disable the SNMP agent, perform the following procedure:

  1. Log on to the FirePass Administrative Console.
  2. Navigate to Device Management > Configuration.
  3. Click SNMP.
  4. If you are running FirePass 6.x, clear the Start SNMP agent check box.

If you are running FirePass 5.x, clear the Run SNMP agent on port check box. 5. Click Submit.