Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Network Appliances :: bx2284.htm

F5 BIG-IP Web Management Console XSS



F5 BIG-IP Web Management Console XSS
F5 BIG-IP Web Management Console XSS



F5 BIG-IP Web Management Console XSS


Product: F5 BIG-IP
http://www.f5.com/products/big-ip/


The F5 BIG-IP web management interface contains a potentially persistent cross-site scripting vulnerability in the "Console" feature. Output from executed console commands is wrapped in  [intentionally misspelled] so the content is displayed verbatim but there is no protection against forced premature termination of the textarea block with an injected  tag.

Example command output with the exploit:
....

One possible persistent exploitation is for an attacker to create a log entry with an embedded script that gets executed any time the corresponding log file is later reviewed in the Console by an administrator. It is possible to craft URL links that would generate a suitable log entry with a simple HTTP GET request. This allows the attack to be carried out remotely.


The vulnerability has been identified in version 9.4.3. However, other versions may be also affected.


Solution:
Do not use the web management Console feature to review logs. Use SSH CLI instead.


History:
2/23/08 - 1st notice sent to F5 (no response)
3/4/08  - 2nd notice sent to F5 (no response)
3/8/08  - public disclosure


Found by:
nnposter


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH