Vulnerabilities > F5 > Firepass > 5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-12 | CVE-2007-0195 | Input Validation vulnerability in F5 Firepass my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to confirm the validity of an LDAP account. | 5.0 |
| 2007-01-12 | CVE-2007-0188 | Input Validation vulnerability in F5 Firepass F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation of an IP address ("dotless IP address"), which allows remote authenticated users to connect to the FirePass administrator console and certain other network resources. | 6.5 |
| 2007-01-12 | CVE-2007-0187 | Input Validation vulnerability in F5 Firepass F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading slashes, (3) Unicode encoding, (4) URL-encoded directory traversal or same-directory characters, or (5) upper case letters in the domain name. | 7.5 |