CVE-2012-1493
CVE-2012-1493
F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
exploitdbwww.exploit-db.com/exploits/19064no verificadoexploitdbwww.exploit-db.com/exploits/19091no verificadoexploitdbwww.exploit-db.com/exploits/19099no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/f5_bigip_known_privkey.rbhttp://support.f5.com/kb/en-us/solutions/public/13000/600/sol13600.htmlhttps://www.trustmatta.com/advisories/MATTA-2012-002.txthttp://www.theregister.co.uk/2012/06/13/f5_kit_metasploit_exploit/