Lucene search
K

261 matches found

securityvulns
securityvulns
added 2012/12/09 12:0 a.m.53 views

SEC Consult SA-20121203-0 :: F5 FirePass SSL VPN Unauthenticated local file inclusion

SEC Consult Vulnerability Lab Security Advisory 20121203-0 ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/04 12:0 a.m.37 views

F5 FirePass SSL VPN 7.0.0 HF-70-6 Local File Inclusion

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/12/03 12:0 a.m.37 views

FirePass SSL VPN - Local File Inclusion

FirePass SSL VPN - Local File Inclusion SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/12/03 12:0 a.m.39 views

FirePass SSL VPN Unauthenticated Local File Inclusion Vulnerability

Exploit for multiple platform in category web applications ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/03 12:0 a.m.38 views

FirePass SSL VPN - Local File Inclusion

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated local file inclusion product: F5 FirePass SSL VPN vulnerable version: = 7.0.0 HF-70-6 fixed version: 7.0.0 HF-70-7 impact: Critical homepage:...

7.4AI score
Exploits0
F5 Networks
F5 Networks
added 2012/11/29 12:0 a.m.28 views

SOL14046 - FirePass input validation vulnerability

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. F5 strongly recommends that you install HF-70-7 for FirePass 7.0.0 to address this vulnerability. Acknowledgements F5 wou...

2.3AI score
Exploits0References7Affected Software1
F5 Networks
F5 Networks
added 2012/11/02 12:0 a.m.57 views

SOL13993 - Cross-site URL redirection attack vulnerability CVE-2009-4017

Vulnerability Recommended Actions Upgrade FirePass to the latest hotfix. Acknowledgements F5 would like to acknowledge Aung Khant of YGN Ethical Hacker Group, Myanmar for bringing this issue to our attention, and for following the highest standards of responsible disclosure. Supplemental...

5CVSS0.6AI score0.12041EPSS
Exploits0References6
securityvulns
securityvulns
added 2012/10/22 12:0 a.m.223 views

F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection

OVERVIEW F5 FirePass SSL VPN is vulnerable to Open URL Redirection. 2. BACKGROUND F5 FirePass SSL VPN provides secure remote access to enterprise applications and data for users over any device or network while protecting your corporate. See http://www.f5.com/pdf/products/firepass-overview.pdf...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2012/10/21 12:0 a.m.30 views

F5 FirePass SSL VPN Open URL Redirection

OVERVIEW F5 FirePass SSL VPN is vulnerable to Open URL Redirection. 2. BACKGROUND F5 FirePass SSL VPN provides secure remote access to enterprise applications and data for users over any device or network while protecting your corporate. See http://www.f5.com/pdf/products/firepass-overview.pdf...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/10/21 12:0 a.m.15 views

FirePass 7.0 SSL VPN - refreshURL Open Redirection

FirePass 7.0 SSL VPN - refreshURL Open Redirection source: https://www.securityfocus.com/bid/56156/info FirePass SSL VPN is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/10/21 12:0 a.m.21 views

FirePass 7.0 SSL VPN - 'refreshURL' Open Redirection

source: https://www.securityfocus.com/bid/56156/info FirePass SSL VPN is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks; other attacks are possible. Versions prior to FirePass 7.0.0...

7.4AI score
Exploits0
F5 Networks
F5 Networks
added 2012/06/11 12:0 a.m.26 views

SOL13656 - FirePass SQL injection vulnerability

Recommended action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. F5 strongly recommends that you install HF-601-9 for FirePass version 6.1.0 or HF-70-7 for FirePass version 7.0.0 to address this...

2.3AI score
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2012/05/22 12:0 a.m.38 views

SOL13605 - FirePass sudo vulnerability - CVE-2012-2053

Recommended action F5 recommends that you upgrade to the latest FirePass hotfix to ensure that you have the latest security updates. Supplemental Information CERT advisory regarding CVE-2012-2053 SOL167: Downloading software and firmware from F5 SOL10322: FirePass hotfix matrix SOL3430: Installin...

7.2CVSS6.5AI score0.0048EPSS
Exploits1References10
F5 Networks
F5 Networks
added 2012/05/17 12:0 a.m.72 views

SOL13588 - PHP vulnerability CVE-2011-4885

Recommended action BIG-IP To mitigate this vulnerability, expose the administrative interface only on trusted networks and limit login access to trusted users. FirePass For information about hotfix status, contact F5 Technical Support. Supplemental Information CVE-2011-4885 SOL9970: Subscribing t...

5CVSS9.2AI score0.83911EPSS
Exploits15
NVD
NVD
added 2012/04/05 2:55 p.m.32 views

CVE-2012-1777

SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allows remote attackers to execute arbitrary SQL commands via the state parameter...

7.5CVSS8.2AI score0.02327EPSS
Exploits2References8
NVD
NVD
added 2012/04/05 2:55 p.m.23 views

CVE-2012-2053

The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different...

7.2CVSS6.8AI score0.0048EPSS
Exploits1References2
Prion
Prion
added 2012/04/05 2:55 p.m.19 views

Sql injection

SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allows remote attackers to execute arbitrary SQL commands via the state parameter...

7.5CVSS8.7AI score0.02327EPSS
Exploits2References8Affected Software1
Prion
Prion
added 2012/04/05 2:55 p.m.26 views

Design/Logic Flaw

The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges via the sudo program, as demonstrated by the user account that executes PHP scripts, a different...

7.2CVSS7.1AI score0.02327EPSS
Exploits3References2Affected Software1
CVE
CVE
added 2012/04/04 10:0 a.m.61 views

CVE-2012-1777

CVE-2012-1777 affects F5 FirePass: SQL injection in the web interface (my.activation.php3) that allows an unauthenticated remote attacker to execute arbitrary SQL through the state parameter. Affected products/versions per the advisory: FirePass 6.0.0–6.1.0 and 7.0.0. The issue is caused by insuf...

7.5CVSS8.4AI score0.02327EPSS
Exploits2References8Affected Software1
Cvelist
Cvelist
added 2012/04/04 10:0 a.m.34 views

CVE-2012-1777

SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allows remote attackers to execute arbitrary SQL commands via the state parameter...

8.2AI score0.02327EPSS
Exploits2References8
Rows per page
Query Builder