SecuriTeam - F5 FirePass 1200 SNMP Daemon DoS

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam
Beyond Security

SecuriTeam Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

Black Box Testing
Vulnerability Assessment
Vulnerability Scanner

	SecuriTeam in Your Inbox

	E-mail this article to a friend

New vulnerability?
New tool?
Tell us

A vulnerability in F5's FirePass 1200 allows remote attackers to cause the product to crash by sending it a request to a specific OID which in turns causes it to become unstable.

Credit:
The information has been provided by nnposter.

Protect your website!
Use an External Vulnerability Scanner!
Nothing to install. First report in 1 hour!
www.beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* F5 FirePass 1200 version 6.0.2 with hotfix 3

The F5 FirePass 1200 SSL VPN appliance contains a denial-of-service vulnerability in the SNMP daemon. Traversing (walking) OID branch hrSWInstalled in HOST-RESOURCES-MIB (OID 1.3.6.1.2.1.25.6) will cause the daemon to crash. No analysis has been done to determine if the vulnerability is further exploitable.

	Motorola Timbuktu Pro Stack Based Buffer Overflow
	Unisys Business Information Server Stack Buffer Overflow
	Adobe Shockwave Player Director File Parsing Pointer Overwrite
	Cisco Physical Access Gateway Denial of Service Vulnerability
	Cisco ASA Web VPN Multiple Vulnerabilities
	Cisco Video Surveillance Products Denial of Service
	Apple Safari File Protocol Handler Information Disclosure and Denial of Service
	HP OpenView Network Node Manager Execution of Arbitrary Code and DoS
	Kaspersky PDF Evasion All Products
	Ikarus Multiple Generic Evasions Using CAB ZIP or RAR Files
	FRISK Fprot Generic Bypass Using TAR Files
	CA Service Desk Tomcat Cross Site Scripting Vulnerability
	Apple Java CColorUIResource Pointer Derference Code Execution Vulnerability
	Mozilla Firefox Java Applet Loading Vulnerability
	Adobe Reader/Acrobat TrueType Font Processing Memory Corruption