History: Mar 19, 2013 - 12:00 a.m.

K6634 : pam_ldap vulnerability - CVE-2005-2641

Source: my.f5.com

AI Score: 6.1 Medium (Confidence: Low)

EPSS: 0.021 Low (Percentile: 89.3%)

Security Advisory Description

Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5 security vulnerability response policy.

F5 products and versions that have been evaluated for this Security Advisory

| Product | Affected | Not Affected |
|---|---|---|
| BIG-IP LTM | 9.0.0 - 9.1.2, 9.2.0 | 9.1.3, 9.2.2 - 9.2.5, 9.3.x, 9.4.x, 9.6.x, 10.x, 11.x |
| BIG-IP GTM | None | 9.2.2 - 9.2.5, 9.3.x, 9.4.x, 10.x, 11.x |
| BIG-IP ASM | 9.2.0 | 9.2.2 - 9.2.5, 9.3.x, 9.4.x, 10.x, 11.x |
| BIG-IP Link Controller | None | 9.2.2 - 9.2.5, 9.3.x, 9.4.x, 10.x, 11.x |
| BIG-IP WebAccelerator | None | 9.4.x, 10.x, 11.x |
| BIG-IP PSM | None | 9.4…x, 10.x, 11.x |
| BIG-IP WAN Optimization | None | 10.x, 11.x |
| BIG-IP APM | None | 10.x, 11.x |
| BIG-IP Edge Gateway | None | 10.x, 11.x |
| BIG-IP Analytics | None | 11.x |
| BIG-IP AFM | None | 11.x |
| BIG-IP PEM | None | 11.x |
| FirePass | None | 3.x, 4.x, 5.x, 6.x, 7.x |
| Enterprise Manager | None | 1.x, 2.x |

This security advisory describes a pam_ldap vulnerability. Clients who are referred to a different server than the server on which they were originally authenticated, with a different TLS encryption requirement, could possibly bypass the new server’s TLS requirements.

Information about this advisory is available at the following location:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2641>

F5 Product Development tracked this issue as CR54024 and CR68903 and it was fixed in BIG-IP 9.1.3 and 9.2.2. For information about upgrading, refer to the BIG-IP LTM or ASM release notes.
