Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6474

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2008-6474
Last Modified 26 Mar 2009 01:49:36
Published 16 Mar 2009 12:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-6474

Summary

The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection.

Vulnerable Systems

Application

  • F5 Big-ip 9.4.3


References

XF - f5bigip-interface-code-execution(49308)

BID - 28639

BUGTRAQ - 20080405 F5 BIG-IP Management Interface Perl Injection

OSVDB - 51116


Last Updated: 27 May 2016 10:49:12