BIG-IP network appliances remote access vulnerability
Networking equipment specialist F5 Networks is warning users about a security vulnerability in its network appliances – including its flagship BIG-IP family of products – that could allow a remote attacker to gain root access via SSH on some devices. The vulnerability affects the following platforms: BIG-IP 520, 540, 1000, 2000, 2400, 5000, 5100, 1600, 3600, 3900, 6900, 8900, 8950, 11000 and 11050, VIPRION B2100, B4100 and B4200, and Enterprise Manager 3000 and 4000, as well as the BIG-IP Virtual Edition.
These products are only vulnerable if SSH access on port 22 is allowed. Users can check their systems to see if an attacker has exploited the hole by checking for unexpected root login messages under /var/log/secure. The company says that the problem is the result of "a configuration error"; further details have not been provided.
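The log check described above, as an added example that is not from the article or from F5: a shell function that lists accepted root SSH logins in an sshd log whose source address is not on a list of known management hosts. It assumes the standard OpenSSH syslog line format; the function names, sample log lines and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not F5 tooling): report accepted root SSH logins in an sshd
# log whose source address is not a known management address.
# Assumption: entries use the standard OpenSSH syslog form
#   "<mon> <day> <time> <host> sshd[<pid>]: Accepted <method> for root from <ip> port <n> ssh2"

# unexpected_root_logins LOGFILE ALLOWFILE
#   ALLOWFILE: one trusted source IP per line; blanks and "#" comments ignored.
#   Prints "<mon> <day> <time> <method> <source-ip>" per unexpected root login.
unexpected_root_logins() {
    awk '
        FILENAME == ARGV[1] {             # allowlist (safe even if it is empty)
            sub(/#.*/, ""); gsub(/[ \t\r]/, "")
            if ($0 != "") allowed[$0] = 1
            next
        }
        /sshd\[[0-9]+\]: Accepted [^ ]+ for root from / {
            for (i = 1; i <= NF; i++)
                if ($i == "Accepted") { method = $(i + 1); src = $(i + 5); break }
            if (!(src in allowed)) print $1, $2, $3, method, src
        }
    ' "$2" "$1"
}

# write_sample DIR: constructed log lines and allowlist (documentation-range IPs).
write_sample() {
    cat > "$1/secure" <<'EOF'
Jun 12 02:58:41 bigip1 sshd[4110]: Accepted password for root from 192.0.2.10 port 50211 ssh2
Jun 12 03:14:07 bigip1 sshd[4187]: Accepted publickey for root from 203.0.113.45 port 40022 ssh2
Jun 12 03:15:30 bigip1 sshd[4192]: Failed password for root from 198.51.100.7 port 33810 ssh2
Jun 12 03:20:02 bigip1 sshd[4201]: Accepted password for admin from 203.0.113.45 port 40101 ssh2
EOF
    printf '%s\n' '# management hosts (constructed)' '192.0.2.10' > "$1/allow"
}

# Demo on the constructed sample; on a device, pass /var/log/secure instead.
tmp=$(mktemp -d) && write_sample "$tmp"
unexpected_root_logins "$tmp/secure" "$tmp/allow"
rm -rf "$tmp"
```

A root login from an address on the allowlist is not reported, so the list should contain only hosts that administrators actually connect from.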
A full list of affected firmware versions is given in the security advisory. Firmware upgrades that close the security hole are available; users who cannot upgrade to a non-vulnerable version are advised to reconfigure SSH access on their systems.
- SOL13600: SSH vulnerability CVE-2012-1493, security advisory from F5 Networks.