CVSS: 10.0EPSS: 97%CPEs: 345EXPL: 54CVE-2014-6271 – GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-6271
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix. GNU Bash hasta la versión 4.3 procesa cadenas finales después de las definiciones de funciones en los valores de variables de entorno, lo que permite a atacantes remotos ejecutar código arbitrario a través de un entorno manipulado, tal como se ha demostrado por vectores que involucran la característica ForceCommand en sshd OpenSSH, los módulos mod_cgi y mod_cgid en el Apache HTTP Server, scripts ejecutados por clientes DHCP no especificados, y otras situaciones en las cuales el ajuste de entorno ocurre a través de un límite privilegiado de la ejecución de Bash, también conocido como "ShellShock." NOTA: la reparación original para este problema era incorrecta; CVE-2014-7169 ha sido asignada para cubrir la vulnerabilidad que todavía está presente después de la solución incorrecta. A flaw was found in the way Bash evaluated certain specially crafted environment variables. • https://github.com/darrenmartyn/visualdoor https://www.exploit-db.com/exploits/38849 https://www.exploit-db.com/exploits/34777 https://www.exploit-db.com/exploits/39918 https://www.exploit-db.com/exploits/34895 https://www.exploit-db.com/exploits/34839 https://www.exploit-db.com/exploits/40619 https://www.exploit-db.com/exploits/36503 https://www.exploit-db.com/exploits/36504 https://www.exploit-db.com/exploits/40938 https://www.exploit-db.com/exploits/34900 https • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 0%CPEs: 150EXPL: 1CVE-2014-4023 – F5 BIG-IP 11.5.1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-4023
Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in F5 BIG-IP LTM, APM, ASM, GTM, and Link Controller 11.0.0 before 11.6.0 and 10.1.0 through 10.2.4, AAM 11.4.0 before 11.6.0, AFM and PEM 11.3.0 before 11.6.0, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0 and 10.1.0 through 10.2.4, and PSM 11.0.0 through 11.4.1 and 10.1.0 through 10.2.4 and Enterprise Manager 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en tmui/dashboard/echo.jsp en la utilidad Configuration en F5 BIG-IP LTM, APM, ASM, GTM, y Link Controller 11.0.0 anterior a 11.6.0 y 10.1.0 hasta 10.2.4, AAM 11.4.0 anterior a 11.6.0, AFM y PEM 11.3.0 anterior a 11.6.0, Analytics 11.0.0 hasta 11.5.1, Edge Gateway, WebAccelerator, y WOM 11.0.0 hasta 11.3.0 y 10.1.0 hasta 10.2.4, y PSM 11.0.0 hasta 11.4.1 y 10.1.0 hasta 10.2.4 y Enterprise Manager 3.0.0 hasta 3.1.1 y 2.1.0 hasta 2.3.0 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios a través de vectores no especificados. F5 BIG-IP versions 11.5.1 and below suffer from a reflective cross site scripting vulnerability. • http://www.securitytracker.com/id/1030776 https://support.f5.com/kb/en-us/solutions/public/15000/500/sol15532.html https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140828-F5_BIG-IP_Reflected_XSS_v10.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 78%CPEs: 86EXPL: 3CVE-2014-2928 – F5 iControl - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-2928
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, Enterprise Manager 2.1.0 through 2.3.0 and 3.0.0 through 3.1.1, and BIG-IQ Cloud, Device, and Security 4.0.0 through 4.3.0 allows remote administrators to execute arbitrary commands via shell metacharacters in the hostname element in a SOAP request. La API iControl en F5 BIG-IP LTM, APM, ASM, GTM, Link Controller y PSM 10.0.0 hasta 10.2.4 y 11.0.0 hasta 11.5.1, BIG-IP AAM 11.4.0 hasta 11.5.1, BIG-IP AFM y PEM 11.3.0 hasta 11.5.1, BIG-IP Analytics 11.0.0 hasta 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 10.1.0 hasta 10.2.4 y 11.0.0 hasta 11.3.0, Enterprise Manager 2.1.0 hasta 2.3.0 y 3.0.0 hasta 3.1.1 y BIG-IQ Cloud, Device y Security 4.0.0 hasta 4.3.0 permite a administradores remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el elemento de nombre de anfitrión en una solicitud SOAP. F5 iControl systems suffer from a remote command execution vulnerability. • https://www.exploit-db.com/exploits/34927 http://seclists.org/fulldisclosure/2014/May/32 http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html http://www.exploit-db.com/exploits/34927 http://www.osvdb.org/106728 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/f5_icontrol_exec.rb •
CVSS: 4.4EPSS: 0%CPEs: 21EXPL: 0CVE-2013-6024
https://notcve.org/view.php?id=CVE-2013-6024
The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow attackers to obtain sensitive information from process memory via unspecified vectors. Los componentes Edge Client en F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, y 14.x, BIG-IP Edge Gateway 10.x y 11.x y FirePass 7.0.0 permiten a atacantes obtener información sensible de la memoria de procesos a través de vectores no especificados. • http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14969.html http://www.kb.cert.org/vuls/id/146430 http://www.securityfocus.com/bid/65422 https://support.f5.com/csp/article/K14969 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 86EXPL: 0CVE-2013-6016
https://notcve.org/view.php?id=CVE-2013-6016
The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, and WOM 10.0.0 through 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.4.1; and WebAccelerator 9.4.0 through 9.4.8, 10.0.0 through 10.2.4, and 11.0.0 through 11.3.0 might change a TCP connection to the ESTABLISHED state before receiving the ACK packet, which allows remote attackers to cause a denial of service (SIGFPE or assertion failure and TMM restart) via unspecified vectors. The Traffic Management Microkernel (TMM) en F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Controller, y WOM 10.0.0 hasta la versión 10.2.2 and 11.0.0; Analytics 11.0.0; PSM 9.4.0 hasta la versión 9.4.8, 10.0.0 hasta la versión 10.2.4, and 11.0.0 hasta la versión 11.4.1; y WebAccelerator 9.4.0 hasta la versión 9.4.8, 10.0.0 hasta la versión 10.2.4, and 11.0.0 hasta la versión 11.3.0 podría cambiar a una conexión TCP al estado ESTABLISHED antes de recibir el paquete ACK, lo que permite a atacantes remotos provocar una denegación de servicio (SIGFPE o error de aserción y reinicio TMM) a través de vectores no especificados. • http://secunia.com/advisories/55378 http://support.f5.com/kb/en-us/solutions/public/13000/200/sol13233.html http://www.securitytracker.com/id/1029220 https://exchange.xforce.ibmcloud.com/vulnerabilities/88166 • CWE-20: Improper Input Validation •