Required CVE Record Information
Description
F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters in the domain name.
References 9 Total
- http://www.mnin.org/advisories/2007_firepass.pdf
- secunia.com: 23626 third-party-advisory
- secunia.com: 23640 third-party-advisory
- osvdb.org: 39167 vdb-entry
- https://tech.f5.com/home/solutions/sol6924.html
- lists.grok.org.uk: 20070106 NNL-Labs & MNIN - F5 FirePass Security Advisory mailing-list
- archives.neohapsis.com: 20070105 NNL-Labs & MNIN - F5 FirePass Security Advisory mailing-list
- https://tech.f5.com/home/solutions/sol6916.html
- securityfocus.com: 21957 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 9 Total
- http://www.mnin.org/advisories/2007_firepass.pdf x_transferred
- secunia.com: 23626 third-party-advisoryx_transferred
- secunia.com: 23640 third-party-advisoryx_transferred
- osvdb.org: 39167 vdb-entryx_transferred
- https://tech.f5.com/home/solutions/sol6924.html x_transferred
- lists.grok.org.uk: 20070106 NNL-Labs & MNIN - F5 FirePass Security Advisory mailing-listx_transferred
- archives.neohapsis.com: 20070105 NNL-Labs & MNIN - F5 FirePass Security Advisory mailing-listx_transferred
- https://tech.f5.com/home/solutions/sol6916.html x_transferred
- securityfocus.com: 21957 vdb-entryx_transferred