Sign-up

ID

VAR-201007-0356


TITLE

F5 FirePass Pre-Encryption Token Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2010-1327

DESCRIPTION

F5's FirePass server is a powerful network device that provides users with secure access to corporate networks through any standard web browser. The controller has an error when receiving the pre-login sequence token, and an attacker can exploit the vulnerability to access the login page from a non-compliant workstation using a token generated by a compatible workstation. Part of the input passed to the pre-login page lacks sufficient filtering before returning to the user, which can trigger a cross-site scripting attack, gain sensitive information, or gain unauthorized access to the application. F5 FirePass is prone to a security-bypass vulnerability. An attacker can exploit this issue to gain access to restricted content. This can lead to other attacks. F5 FirePass 5.5.2 and 6.1 are vulnerable; other versions may be affected. F5 FirePass is prone to a cross-site scripting vulnerability because the web interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. ---------------------------------------------------------------------- "From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420." Non-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more: http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf ---------------------------------------------------------------------- TITLE: F5 FirePass Security Bypass and Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA40611 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40611/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40611 RELEASE DATE: 2010-07-15 DISCUSS ADVISORY: http://secunia.com/advisories/40611/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/40611/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=40611 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in F5 FirePass, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions. 2) Certain input passed to the pre-logon pages is not properly sanitised before being returned to the user. The vulnerabilities are reported in versions 5.5.2 and 6.1. SOLUTION: Apply hotfixes. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://support.f5.com/kb/en-us/solutions/public/11000/700/sol11797.html https://support.f5.com/kb/en-us/solutions/public/11000/700/sol11795.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.71

sources: CNVD: CNVD-2010-1327 // CNVD: CNVD-2010-1328 // BID: 41665 // BID: 41671 // PACKETSTORM: 91823

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2010-1327 // CNVD: CNVD-2010-1328

AFFECTED PRODUCTS

vendor:f5model:firepassscope:eqversion:6.1

Trust: 1.8

vendor:f5model:firepassscope:eqversion:5.5.2

Trust: 1.8

sources: CNVD: CNVD-2010-1327 // CNVD: CNVD-2010-1328 // BID: 41665 // BID: 41671

THREAT TYPE

network

Trust: 0.6

sources: BID: 41665 // BID: 41671

TYPE

Design Error

Trust: 0.3

sources: BID: 41665

PATCH

title:F5 FirePass pre-entry patch security bypass vulnerability patchurl:https://www.cnvd.org.cn/patchinfo/show/607

Trust: 0.6

title:F5 FirePass pre-login page patch for cross-site scripting vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/608

Trust: 0.6

sources: CNVD: CNVD-2010-1327 // CNVD: CNVD-2010-1328

EXTERNAL IDS

db:SECUNIAid:40611

Trust: 1.6

db:BIDid:41665

Trust: 0.9

db:BIDid:41671

Trust: 0.9

db:CNVDid:CNVD-2010-1327

Trust: 0.6

db:CNVDid:CNVD-2010-1328

Trust: 0.6

db:PACKETSTORMid:91823

Trust: 0.1

sources: CNVD: CNVD-2010-1327 // CNVD: CNVD-2010-1328 // BID: 41665 // BID: 41671 // PACKETSTORM: 91823

REFERENCES

url:http://secunia.com/advisories/40611/

Trust: 1.6

url:https://support.f5.com/kb/en-us/solutions/public/11000/700/sol11795.html

Trust: 0.4

url:http://www.f5.com/products/firepass/

Trust: 0.3

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=40611

Trust: 0.1

url:http://secunia.com/products/corporate/evm/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/40611/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:https://support.f5.com/kb/en-us/solutions/public/11000/700/sol11797.html

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/gfx/pdf/secunia_half_year_report_2010.pdf

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2010-1327 // CNVD: CNVD-2010-1328 // BID: 41665 // BID: 41671 // PACKETSTORM: 91823

CREDITS

Reported by the vendor.

Trust: 0.6

sources: BID: 41665 // BID: 41671

SOURCES

db:CNVDid:CNVD-2010-1327
db:CNVDid:CNVD-2010-1328
db:BIDid:41665
db:BIDid:41671
db:PACKETSTORMid:91823

LAST UPDATE DATE

2022-05-17T01:58:04.736000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2010-1327date:2010-07-14T00:00:00
db:CNVDid:CNVD-2010-1328date:2010-07-14T00:00:00
db:BIDid:41665date:2010-07-14T00:00:00
db:BIDid:41671date:2010-07-14T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2010-1327date:2010-07-14T00:00:00
db:CNVDid:CNVD-2010-1328date:2010-07-14T00:00:00
db:BIDid:41665date:2010-07-14T00:00:00
db:BIDid:41671date:2010-07-14T00:00:00
db:PACKETSTORMid:91823date:2010-07-15T15:23:54