Details of VAR-200912-0370

ID

VAR-200912-0370

CVE

CVE-2009-4420

TITLE

F5 BIG-IP ASM and PSM Remote Buffer Overflow Vulnerability

Trust: 0.9

sources: BID: 37452 // CNNVD: CNNVD-200912-353

DESCRIPTION

Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information. An attacker may exploit this issue to execute arbitrary code with the privileges of the affected application. Successful exploits may compromise affected devices. Failed exploit attempts will result in a denial-of-service condition. Technical details are currently unavailable. We will update this BID as more information emerges. F5 BIG-IP is a powerful application switch. Remote attackers can use unknown vectors to cause a denial of service. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. The vulnerability is caused due to an unspecified error in the "bd" daemon and can be exploited to crash an affected system. The vulnerability is reported in the following products and versions: * BIG-IP ASM versions 9.4.4 through 9.4.7 * BIG-IP ASM versions 10.0.0 through 10.0.1 * BIG-IP PSM versions 9.4.5 through 9.4.7 * BIG-IP PSM versions 10.0.0 through 10.0.1 SOLUTION: Update to version 9.4.8 or 10.1.0, or apply patches. BIG-IP version 9.4.6: Apply Hotfix-BIGIP-9.4.6-425.0-HF3. BIG-IP version 9.4.7: Apply Hotfix-BIGIP-9.4.7-333.0-HF2. BIG-IP version 10.0.0: Apply Hotfix-BIGIP-10.0.0-5519.0-HF3. BIG-IP version 10.0.1: Apply Hotfix-BIGIP-10.0.1-354.0-HF2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: F5 Networks (CR126690): https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2009-4420 // JVNDB: JVNDB-2009-002656 // BID: 37452 // VULHUB: VHN-41866 // PACKETSTORM: 84223

AFFECTED PRODUCTS

vendor:	f5	model:	big-ip protocol security manager	scope:	eq	version:	9.4.7	Trust: 1.9
vendor:	f5	model:	big-ip protocol security manager	scope:	eq	version:	9.4.6	Trust: 1.9
vendor:	f5	model:	big-ip protocol security manager	scope:	eq	version:	9.4.5	Trust: 1.9
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	10.0.1	Trust: 1.9
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	9.4.7	Trust: 1.9
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	9.4.6	Trust: 1.9
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	9.4.5	Trust: 1.9
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	9.4.4	Trust: 1.9
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	10.0.0	Trust: 1.6
vendor:	f5	model:	big-ip protocol security manager	scope:	eq	version:	10.0.1	Trust: 1.3
vendor:	f5	model:	big-ip protocol security module	scope:	eq	version:	10.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip protocol security manager	scope:	-	version:	-	Trust: 0.8
vendor:	f5	model:	big-ip protocol security manager	scope:	eq	version:	10.0.0	Trust: 0.6
vendor:	f5	model:	big-ip protocol security manager	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	10.0	Trust: 0.3
vendor:	f5	model:	big-ip protocol security manager	scope:	ne	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip protocol security manager	scope:	ne	version:	9.4.8	Trust: 0.3
vendor:	f5	model:	big-ip application security manager	scope:	ne	version:	10.1	Trust: 0.3
vendor:	f5	model:	big-ip application security manager	scope:	ne	version:	9.4.8	Trust: 0.3

sources: BID: 37452 // JVNDB: JVNDB-2009-002656 // CNNVD: CNNVD-200912-353 // NVD: CVE-2009-4420

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-4420
value:	HIGH
Trust: 1.0
NVD:	CVE-2009-4420
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200912-353
value:	HIGH
Trust: 0.6
VULHUB:	VHN-41866
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2009-4420
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-41866
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-41866 // JVNDB: JVNDB-2009-002656 // CNNVD: CNNVD-200912-353 // NVD: CVE-2009-4420

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-41866 // JVNDB: JVNDB-2009-002656 // NVD: CVE-2009-4420

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200912-353

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-200912-353

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-002656

PATCH

title:

Top Page

url:

http://www.f5networks.co.jp

Trust: 0.8

sources: JVNDB: JVNDB-2009-002656

EXTERNAL IDS

db:	BID	id:	37452	Trust: 2.8
db:	SECUNIA	id:	37805	Trust: 2.6
db:	OSVDB	id:	61297	Trust: 2.5
db:	NVD	id:	CVE-2009-4420	Trust: 2.5
db:	SECTRACK	id:	1023386	Trust: 2.5
db:	VUPEN	id:	ADV-2009-3627	Trust: 1.7
db:	XF	id:	55005	Trust: 0.8
db:	JVNDB	id:	JVNDB-2009-002656	Trust: 0.8
db:	CNNVD	id:	CNNVD-200912-353	Trust: 0.7
db:	VULHUB	id:	VHN-41866	Trust: 0.1
db:	PACKETSTORM	id:	84223	Trust: 0.1

sources: VULHUB: VHN-41866 // BID: 37452 // JVNDB: JVNDB-2009-002656 // PACKETSTORM: 84223 // CNNVD: CNNVD-200912-353 // NVD: CVE-2009-4420

REFERENCES

url:	http://www.securityfocus.com/bid/37452	Trust: 3.1
url:	http://osvdb.org/61297	Trust: 2.5
url:	http://www.securitytracker.com/id?1023386	Trust: 2.5
url:	http://secunia.com/advisories/37805	Trust: 2.5
url:	https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10417.html	Trust: 2.1
url:	http://www.vupen.com/english/advisories/2009/3627	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/55005	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4420	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/55005	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4420	Trust: 0.8
url:	http://www.f5.com/products/big-ip/product-modules/application-security-manager.html	Trust: 0.3
url:	http://www.f5.com/products/big-ip/feature-modules/protocol-security-module.html	Trust: 0.3
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/37805/	Trust: 0.1
url:	http://secunia.com/advisories/business_solutions/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-41866 // BID: 37452 // JVNDB: JVNDB-2009-002656 // PACKETSTORM: 84223 // CNNVD: CNNVD-200912-353 // NVD: CVE-2009-4420

CREDITS

The vendor.

Trust: 0.9

sources: BID: 37452 // CNNVD: CNNVD-200912-353

SOURCES

db:	VULHUB	id:	VHN-41866
db:	BID	id:	37452
db:	JVNDB	id:	JVNDB-2009-002656
db:	PACKETSTORM	id:	84223
db:	CNNVD	id:	CNNVD-200912-353
db:	NVD	id:	CVE-2009-4420

LAST UPDATE DATE

2024-11-23T22:39:25.428000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-41866	date:	2019-06-06T00:00:00
db:	BID	id:	37452	date:	2009-12-28T18:02:00
db:	JVNDB	id:	JVNDB-2009-002656	date:	2011-06-07T00:00:00
db:	CNNVD	id:	CNNVD-200912-353	date:	2019-06-11T00:00:00
db:	NVD	id:	CVE-2009-4420	date:	2024-11-21T01:09:36.150

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-41866	date:	2009-12-24T00:00:00
db:	BID	id:	37452	date:	2009-12-23T00:00:00
db:	JVNDB	id:	JVNDB-2009-002656	date:	2011-06-07T00:00:00
db:	PACKETSTORM	id:	84223	date:	2009-12-29T10:23:30
db:	CNNVD	id:	CNNVD-200912-353	date:	2009-12-24T00:00:00
db:	NVD	id:	CVE-2009-4420	date:	2009-12-24T17:30:00.280