Vulnerabilities > CVE-2007-3097 - Remote Command Injection vulnerability in F5 FirePass 4100 SSL VPN My.Activiation.PHP3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
References
- http://secunia.com/advisories/25563
- http://www.osvdb.org/35246
- http://www.s21sec.com/avisos/s21sec-035-en.txt
- http://www.securityfocus.com/archive/1/470444/100/0/threaded
- http://www.securityfocus.com/bid/24306
- http://www.securitytracker.com/id?1018190
- http://www.vupen.com/english/advisories/2007/2073
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34708