Summary
Detail | | | |
---|---|---|---|
Vendor | f5 | First view | 2007-01-12 |
Product | Firepass | Last view | 2020-02-21 |
Version | 5.4.1 | Type | Hardware |
Update | * | | |
Edition | * | | |
Language | * | | |
Software Edition | * | | |
Target Software | * | | |
Target Hardware | * | | |
Other | * | | |
CPE Product | cpe:2.3:h:f5:firepass | | |
Activity : Overall
Related : CVE
Score | Date | Alert | Description |
---|---|---|---|
5.9 | 2020-02-21 | CVE-2013-3587 | The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929. |
9.3 | 2013-08-09 | CVE-2013-0150 | Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execute arbitrary files via a .. (dot dot) in the filename parameter. |
9.1 | 2012-05-24 | CVE-2011-3188 | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. |
5 | 2007-01-12 | CVE-2007-0195 | my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to confirm the validity of an LDAP account. |
6.5 | 2007-01-12 | CVE-2007-0188 | F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address ("dotless IP address"), which allows remote authenticated users to connect to the FirePass administrator console and certain other network resources. |
7.5 | 2007-01-12 | CVE-2007-0187 | F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters in the domain name. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-200 | Information Exposure |
50% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
75716 | Linux Kernel Sequence Number Generation Weakness Remote Packet Injection |
39167 | F5 FirePass Multiple Method URL Restriction Bypass |
32736 | F5 FirePass my.activation.php3 Error Message LDAP Account Enumeration |
32734 | F5 FirePass Dotless IP Address URL Restriction Bypass |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64 File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl |
2012-07-09 | Name : RedHat Update for kernel RHSA-2011:1465-01 File : nvt/gb_RHSA-2011_1465-01_kernel.nasl |
2011-12-02 | Name : Fedora Update for kernel FEDORA-2011-16346 File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl |
2011-11-11 | Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1 File : nvt/gb_ubuntu_USN_1256_1.nasl |
2011-11-11 | Name : Ubuntu Update for linux USN-1253-1 File : nvt/gb_ubuntu_USN_1253_1.nasl |
2011-11-08 | Name : Fedora Update for kernel FEDORA-2011-15241 File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl |
2011-10-31 | Name : Fedora Update for kernel FEDORA-2011-14747 File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl |
2011-10-31 | Name : Ubuntu Update for linux-ec2 USN-1239-1 File : nvt/gb_ubuntu_USN_1239_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1240-1 File : nvt/gb_ubuntu_USN_1240_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1 File : nvt/gb_ubuntu_USN_1241_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1 File : nvt/gb_ubuntu_USN_1242_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux USN-1243-1 File : nvt/gb_ubuntu_USN_1243_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux-mvl-dove USN-1245-1 File : nvt/gb_ubuntu_USN_1245_1.nasl |
2011-10-31 | Name : Ubuntu Update for linux USN-1246-1 File : nvt/gb_ubuntu_USN_1246_1.nasl |
2011-10-21 | Name : Ubuntu Update for linux USN-1236-1 File : nvt/gb_ubuntu_USN_1236_1.nasl |
2011-10-21 | Name : RedHat Update for kernel RHSA-2011:1386-01 File : nvt/gb_RHSA-2011_1386-01_kernel.nasl |
2011-10-21 | Name : CentOS Update for kernel CESA-2011:1386 centos5 i386 File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl |
2011-10-14 | Name : Ubuntu Update for linux-ti-omap4 USN-1228-1 File : nvt/gb_ubuntu_USN_1228_1.nasl |
2011-10-10 | Name : Fedora Update for kernel FEDORA-2011-12874 File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl |
2011-09-30 | Name : Ubuntu Update for linux-ti-omap4 USN-1220-1 File : nvt/gb_ubuntu_USN_1220_1.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0033884 |
2012-A-0148 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0033794 |
2012-A-0136 | Multiple Vulnerabilities in Juniper Network Management Products Severity: Category I - VMSKEY: V0033662 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-10-02 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201606-06.nasl - Type: ACT_GATHER_INFO |
2016-02-29 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2012-0013_remote.nasl - Type: ACT_GATHER_INFO |
2014-11-17 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2011-1408.nasl - Type: ACT_GATHER_INFO |
2014-10-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL15301.nasl - Type: ACT_GATHER_INFO |
2014-10-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL14468.nasl - Type: ACT_GATHER_INFO |
2014-07-22 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2012-0010.nasl - Type: ACT_GATHER_INFO |
2013-09-13 | Name: The remote host has a predictable TCP sequence number generator. File: juniper_nsm_psn_2012_08_688.nasl - Type: ACT_GATHER_INFO |
2013-09-04 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2011-26.nasl - Type: ACT_GATHER_INFO |
2013-09-04 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2011-16.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-1465.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-1386.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-2033.nasl - Type: ACT_GATHER_INFO |
2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2011-1419.nasl - Type: ACT_GATHER_INFO |
2012-08-31 | Name: The remote VMware ESXi / ESX host is missing one or more security-related pat... File: vmware_VMSA-2012-0013.nasl - Type: ACT_GATHER_INFO |
2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20111020_kernel_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20111122_kernel_on_SL6_x.nasl - Type: ACT_GATHER_INFO |
2011-12-14 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_kernel-111202.nasl - Type: ACT_GATHER_INFO |
2011-11-23 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2011-1465.nasl - Type: ACT_GATHER_INFO |
2011-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1256-1.nasl - Type: ACT_GATHER_INFO |
2011-11-09 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1253-1.nasl - Type: ACT_GATHER_INFO |
2011-10-26 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1242-1.nasl - Type: ACT_GATHER_INFO |
2011-10-26 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1246-1.nasl - Type: ACT_GATHER_INFO |
2011-10-26 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-1245-1.nasl - Type: ACT_GATHER_INFO |
2011-10-26 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1243-1.nasl - Type: ACT_GATHER_INFO |
2011-10-26 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-1241-1.nasl - Type: ACT_GATHER_INFO |