ID
VAR-E-201408-0275
CVE
| cve_id: | CVE-2014-2927 | Trust: 1.0 |
EDB ID
34465
TITLE
F5 Big-IP - rsync Access - Hardware remote Exploit
Trust: 0.6
DESCRIPTION
F5 Big-IP - rsync Access. CVE-2014-2927 . remote exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | f5 | model: | big-ip | scope: | - | version: | - | Trust: 1.6 |
EXPLOIT
When configured in a high availability mode, the F5 solution suffers from an unauthenticated rsync access vulnerability that can be leveraged to upload a malicious SSH key and gain remote root access to the appliance.
The BigIP platform configures an rsync daemon listening on the ConfigSync interfaces when the system is configured in a failover mode. The rsync daemon as currently configured does not require any authentication and the “cmi” module has complete read/write access to the system. If the ConfigSync IP addresses are accessible by a malicious third party, it is possible to upload an authorized_keys file directly into the /var/ssh/root directory and then open a root SSH session on the f5 device.
Advisory: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/34465.pdf
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
rsync Access
Trust: 1.0
CREDITS
Security-Assessment.com
Trust: 0.6
EXTERNAL IDS
| db: | EXPLOIT-DB | id: | 34465 | Trust: 1.6 |
| db: | NVD | id: | CVE-2014-2927 | Trust: 1.0 |
| db: | EDBNET | id: | 55797 | Trust: 0.6 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-2927 | Trust: 1.0 |
| url: | https://www.exploit-db.com/exploits/34465/ | Trust: 0.6 |
SOURCES
| db: | EXPLOIT-DB | id: | 34465 |
| db: | EDBNET | id: | 55797 |
LAST UPDATE DATE
2022-07-27T09:58:44.602000+00:00
SOURCES RELEASE DATE
| db: | EXPLOIT-DB | id: | 34465 | date: | 2014-08-29T00:00:00 |
| db: | EDBNET | id: | 55797 | date: | 2014-08-29T00:00:00 |