
SOL17448 - OpenSSH vulnerability CVE-2001-1473

Description

Recommended Action

If you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.

To avoid this vulnerability, you should not use SSH protocol version 1 when establishing an SSH connection to the SSHD service on the BIG-IP, Enterprise Manager, or BIG-IQ system.

For the SSHD service on the BIG-IP, Enterprise Manager, or BIG-IQ system, the SSHD configuration uses SSH protocol 2 by default. To avoid this vulnerability, do not modify it to use SSH protocol version 1.

To verify the current SSH protocol enabled on your BIG-IP, Enterprise Manager, or BIG-IQ system, type the following command:

    grep ^Protocol /config/ssh/sshd_config

Command output for the system using only SSH protocol 2 appears similar to the following example:

    Protocol 2

Supplemental Information

* SOL9970: Subscribing to email notifications regarding F5 products
* SOL9957: Creating a custom RSS feed to view new and updated documents
* SOL4602: Overview of the F5 security vulnerability response policy
* SOL4918: Overview of the F5 critical issue hotfix policy
* SOL167: Downloading software and firmware from F5
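For the protocol check in the Recommended Action, the following is an added example, not part of the F5 article. It goes beyond the single `grep`, which is case-sensitive and anchored to column one, so it misses an indented or lowercase `protocol` line and does not show whether a value such as `2,1` still enables version 1. The function name, the status strings and the sample file are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify the effective Protocol directive of an sshd_config.
# Prints one of (labels chosen for this example):
#   v1-enabled  the first Protocol directive lists version 1
#   v2-only     the first Protocol directive lists version 2 and not 1
#   unparsed    a Protocol directive exists but names neither 1 nor 2
#   unset       no Protocol directive; the build's default applies

ssh_protocol_status() {
    # $1: path to the file (in the article: /config/ssh/sshd_config)
    awk '
        # Ignore comment lines and blank lines.
        /^[ \t]*(#|$)/ { next }
        # Keywords are case-insensitive and may be indented; sshd uses
        # the first value it obtains for a keyword, so stop at the first hit.
        tolower($1) == "protocol" {
            has1 = 0; has2 = 0
            n = split($2, v, ",")
            for (i = 1; i <= n; i++) {
                if (v[i] == "1") has1 = 1
                else if (v[i] == "2") has2 = 1
            }
            print (has1 ? "v1-enabled" : (has2 ? "v2-only" : "unparsed"))
            found = 1
            exit
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Demonstration on a constructed sample file (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Protocol 1
  protocol 2,1
Protocol 2
EOF
echo "sample: $(ssh_protocol_status "$sample")"
rm -f "$sample"
```

On the constructed sample, `grep ^Protocol` prints only `Protocol 2`, while the function reports `v1-enabled` because the earlier indented line takes effect.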


Affected Software


CPE Name Name Version
big-iq security 4.5.0
big-ip apm 10.2.4
big-ip afm 12.0.0
big-ip ltm 11.6.0
big-ip link controller 11.6.0
big-ip webaccelerator 11.3.0
big-ip aam 12.0.0
big-ip edge gateway 11.3.0
big-ip ltm 12.0.0
big-ip apm 11.6.0
big-ip wom 10.2.4
big-ip webaccelerator 10.2.4
big-ip psm 11.4.1
big-ip analytics 11.6.0
big-ip asm 12.0.0
big-ip gtm 10.2.4
big-ip analytics 12.0.0
big-ip edge gateway 10.2.4
big-ip pem 12.0.0
big-ip gtm 11.6.0
big-ip ltm 10.2.4
big-ip asm 10.2.4
big-ip psm 10.2.4
big-ip pem 11.6.0
big-iq cloud 4.5.0
big-ip link controller 12.0.0
big-ip dns 12.0.0
big-ip apm 12.0.0
big-ip asm 11.6.0
big-iq device 4.5.0
big-iq adc 4.5.0
big-ip afm 11.6.0
big-ip aam 11.6.0
enterprise manager 3.1.1
big-ip wom 11.3.0
big-ip link controller 10.2.4
