Details of VAR-200801-0243

ID

VAR-200801-0243

CVE

CVE-2008-0265

TITLE

F5 BIG-IP Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2008-002593

DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories. (1) tmui/Control/jspmap/tmui/system/log/ Subordinate list_system.jsp (2) tmui/Control/jspmap/tmui/system/log/ Subordinate list_pktfilter.jsp (3) tmui/Control/jspmap/tmui/system/log/ Subordinate list_ltm.jsp (4) tmui/Control/jspmap/tmui/system/log/ Subordinate resources_audit.jsp (5) tmui/Control/jspmap/tmui/system/log/ Subordinate list_asm.jsp (6) Under other directories list.jsp. F5 BIG-IP is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. BIG-IP firmware version 9.4.3 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: F5 BIG-IP "SearchString" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA28505 VERIFY ADVISORY: http://secunia.com/advisories/28505/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: BIG-IP 9.x http://secunia.com/product/3158/ DESCRIPTION: nnposter has reported a vulnerability in F5 BIG-IP, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "SearchString" parameter in various files is not properly sanitised before being returned to a user. The vulnerability is reported in the following files: /tmui/Control/jspmap/tmui/locallb/virtual_server/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/http/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/ftp/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/rtsp/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/sip/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/persistence/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/fastl4/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/fasthttp/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/httpclass/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/tcp/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/udp/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/sctp/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/clientssl/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/serverssl/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/authn/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/connpool/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/statistics/list.jsp /tmui/Control/jspmap/tmui/locallb/profile/stream/list.jsp /tmui/Control/jspmap/tmui/locallb/pool/list.jsp /tmui/Control/jspmap/tmui/locallb/node/list.jsp /tmui/Control/jspmap/tmui/locallb/monitor/list.jsp /tmui/Control/jspmap/tmui/locallb/ssl_certificate/list.jsp /tmui/Control/jspmap/tmui/system/user/list.jsp /tmui/Control/jspmap/tmui/system/log/list_system.jsp /tmui/Control/jspmap/tmui/system/log/list_pktfilter.jsp /tmui/Control/jspmap/tmui/system/log/list_ltm.jsp /tmui/Control/jspmap/tmui/system/log/resources_audit.jsp /tmui/Control/jspmap/tmui/system/log/list_asm.jsp The vulnerability is reported in version 9.4.3. SOLUTION: Filter malicious characters and character sequences using a web proxy. PROVIDED AND/OR DISCOVERED BY: nnposter ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-0265 // JVNDB: JVNDB-2008-002593 // BID: 27272 // VULHUB: VHN-30390 // PACKETSTORM: 62786

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip	scope:	eq	version:	9.4.3	Trust: 1.7
vendor:	f5	model:	tmos	scope:	eq	version:	9.4.3	Trust: 1.6
vendor:	f5	model:	wanjet	scope:	eq	version:	5.0	Trust: 0.3
vendor:	f5	model:	enterprise manager	scope:	eq	version:	1.4.1	Trust: 0.3
vendor:	f5	model:	enterprise manager	scope:	eq	version:	1.0	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.3.1	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.2.5	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.2.2	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.1	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.0.5	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.0.4	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.0.3	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.0.2	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.0.1	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.0	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.4	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.3	Trust: 0.3
vendor:	f5	model:	big-ip build	scope:	eq	version:	9.2413.1	Trust: 0.3
vendor:	f5	model:	big-ip	scope:	eq	version:	9.2	Trust: 0.3

sources: BID: 27272 // JVNDB: JVNDB-2008-002593 // CNNVD: CNNVD-200801-200 // NVD: CVE-2008-0265

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-0265
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2008-0265
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200801-200
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-30390
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2008-0265
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-30390
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-30390 // JVNDB: JVNDB-2008-002593 // CNNVD: CNNVD-200801-200 // NVD: CVE-2008-0265

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-30390 // JVNDB: JVNDB-2008-002593 // NVD: CVE-2008-0265

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200801-200

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 62786 // CNNVD: CNNVD-200801-200

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-002593

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-30390

PATCH

title:

Top Page

url:

http://www.f5.com/products/big-ip/

Trust: 0.8

sources: JVNDB: JVNDB-2008-002593

EXTERNAL IDS

db:	NVD	id:	CVE-2008-0265	Trust: 2.8
db:	BID	id:	27272	Trust: 2.0
db:	SECUNIA	id:	28505	Trust: 1.8
db:	SECTRACK	id:	1019190	Trust: 1.7
db:	SREASON	id:	3545	Trust: 1.7
db:	VUPEN	id:	ADV-2008-0181	Trust: 1.7
db:	JVNDB	id:	JVNDB-2008-002593	Trust: 0.8
db:	XF	id:	5	Trust: 0.6
db:	XF	id:	39632	Trust: 0.6
db:	BUGTRAQ	id:	20080114 F5 BIG-IP WEB MANAGEMENT LIST SEARCH XSS	Trust: 0.6
db:	CNNVD	id:	CNNVD-200801-200	Trust: 0.6
db:	EXPLOIT-DB	id:	31024	Trust: 0.1
db:	SEEBUG	id:	SSVID-84377	Trust: 0.1
db:	VULHUB	id:	VHN-30390	Trust: 0.1
db:	PACKETSTORM	id:	62786	Trust: 0.1

sources: VULHUB: VHN-30390 // BID: 27272 // JVNDB: JVNDB-2008-002593 // PACKETSTORM: 62786 // CNNVD: CNNVD-200801-200 // NVD: CVE-2008-0265

REFERENCES

url:	http://www.securityfocus.com/bid/27272	Trust: 1.7
url:	http://www.securitytracker.com/id?1019190	Trust: 1.7
url:	http://secunia.com/advisories/28505	Trust: 1.7
url:	http://securityreason.com/securityalert/3545	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/486217/100/0/threaded	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2008/0181	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/39632	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0265	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0265	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/39632	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/486217/100/0/threaded	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2008/0181	Trust: 0.6
url:	http://www.f5.com/f5products/bigip/	Trust: 0.3
url:	https://support.f5.com/kb/en-us/solutions/public/8000/200/sol8280.html	Trust: 0.3
url:	/archive/1/486217	Trust: 0.3
url:	http://secunia.com/advisories/28505/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	https://psi.secunia.com/?page=changelog	Trust: 0.1
url:	https://psi.secunia.com/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/product/3158/	Trust: 0.1

sources: VULHUB: VHN-30390 // BID: 27272 // JVNDB: JVNDB-2008-002593 // PACKETSTORM: 62786 // CNNVD: CNNVD-200801-200 // NVD: CVE-2008-0265

CREDITS

nnposter

Trust: 0.6

sources: CNNVD: CNNVD-200801-200

SOURCES

db:	VULHUB	id:	VHN-30390
db:	BID	id:	27272
db:	JVNDB	id:	JVNDB-2008-002593
db:	PACKETSTORM	id:	62786
db:	CNNVD	id:	CNNVD-200801-200
db:	NVD	id:	CVE-2008-0265

LAST UPDATE DATE

2024-11-23T20:48:58.298000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-30390	date:	2018-10-30T00:00:00
db:	BID	id:	27272	date:	2008-01-23T03:38:00
db:	JVNDB	id:	JVNDB-2008-002593	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200801-200	date:	2008-09-05T00:00:00
db:	NVD	id:	CVE-2008-0265	date:	2024-11-21T00:41:32.373

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-30390	date:	2008-01-15T00:00:00
db:	BID	id:	27272	date:	2008-01-14T00:00:00
db:	JVNDB	id:	JVNDB-2008-002593	date:	2012-06-26T00:00:00
db:	PACKETSTORM	id:	62786	date:	2008-01-19T01:16:59
db:	CNNVD	id:	CNNVD-200801-200	date:	2008-01-15T00:00:00
db:	NVD	id:	CVE-2008-0265	date:	2008-01-15T20:00:00