SSH private key gives attackers access to BIG-IP appliances
From http://h-online.com/-1616936
Quote:
After networking equipment specialist F5 Networks warned of a vulnerability in numerous network appliances on Tuesday, further details of the flaw that allowed attackers to log into devices at root privilege level have now emerged. F5 said that the situation was caused by a configuration error, but Florent Daigniere from Matta Consulting has identified an SSH private key as the cause.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|