Friday, September 11, 2015

F5 file path traversal - CVE-2015-4040

Earlier this year, while pentesting a customer network, I identified a file path traversal vulnerability in an F5 BIG-IP box.

Chris Christian from the F5 Security Response Team (SRT) reached out promptly and I shared the details with him.

Chris confirmed yesterday that F5 has now released a new version, 12.0, that fixes this issue. F5 has also recently published Solution Article 17253, on Sep 9, 2015, describing this path traversal vulnerability, the affected devices/versions, impact, resolution and references.

Read it here:
https://support.f5.com/kb/en-us/solutions/public/17000/200/sol17253.html


Disclosure timelines:
April 27, 2015 - Contacted F5 security
April 28, 2015 - Response from F5
September 02, 2015 - version 12.0 released
September 09, 2015 - Solution article 17253 published

Update:
Associated CVE-2015-4040 has been published.

You can check it out here:
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4040

I have also posted a working exploit on Exploit-db and Packetstorm:
https://www.exploit-db.com/exploits/38448/
https://packetstormsecurity.com/files/133931/F5-BigIP-10.2.4-Build-595.0-HF3-Path-Traversal.html


+++++
More advisories coming soon.

Cheers!

Disclaimer

The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.