Bugtraq mailing list archives
Re: BigIP - bigconf.cgi holes
From: r.gilde () F5 COM (Rob Gilde)
Date: Tue, 9 Nov 1999 11:30:55 -0800
Guy Cohen wrote:

| The html interface basically operates one program, bigconf.cgi, which is
| installed suid root. I have not spent much time learning how to exploit this
| program, but from the bits I did, I was able to look at _any_ file
| on the system simply by giving its name to the cgi program (with appropriate
| parameters of course).
|
| The risk here is not from the outside, as the http server is protected
| by a password, but from internal users. Less risk, but still ...

Guy is discussing an issue that affects older versions of BIG/ip. As he points out, the risk is from internal users. In older versions of BIG/ip, there is effectively only one user and that user has root privileges. That user could execute commands as root through a shell escape in our web-based user interface.

As of Version 2.1, this is no longer possible. The current version of BIG/ip is 2.1.2. The software update is available for free over the net to all customers with support contracts. In Version 2.1, in response to customer feedback, we removed the shell escape capability and also changed to multiple user levels in the web-based user interface.

BIG/ip is a default-deny device, both for administrative traffic to it, and for traffic passing through it. The product uses SSH for command line access and SSL for web access.

We welcome any feedback on how we can make the product more secure.

Thanks!

Rob Gilde
Product Development Manager
voice: 206-505-0857
email: rob () f5 com
F5 Networks, Inc.
200 First Avenue West, Suite 500
Seattle, WA 98119
http://www.f5.com
1-888-88BIGIP

This archive was generated by hypermail 2.0b3 on Tue Nov 09 1999 - 14:16:13 CST