Sep 28, 2016 - 12:00 a.m.

SOL35520031 - BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2016-5700

2016-09-28 00:00:00
support.f5.com

EPSS: 0.054 (Low), percentile 93.2%

Vulnerability Recommended Actions

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

Only virtual servers with configurations using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable. The HTTP Explicit Proxy functionality is enabled when an HTTP profile associated with a virtual server has the Proxy Mode setting configured with the **Explicit** value. In the following HTTP profile configuration snippet example, an HTTP profile is configured with the Explicit Proxy functionality:

ltm profile http /Common/My_HTTP_explicit_profile {
   app-service none
   defaults-from /Common/http-explicit
   explicit-proxy {
       default-connect-handling allow
       dns-resolver /Common/My_DNS_resolver
   }
   proxy-type explicit
}

The following profile configuration snippet example shows a typical SOCKS profile:

ltm profile socks My_SOCKS_profile {
   app-service none
   defaults-from socks
   dns-resolver My_DNS_resolver
}

To determine if your BIG-IP system has a virtual server configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile, perform the following procedures:

  • Determining the HTTP profiles configured with the Explicit Proxy functionality
  • Determining the SOCKS profiles configured on the system
  • Determining the virtual servers that are enabled with the HTTP Explicit Proxy functionality and/or SOCKS profile

Determining the HTTP profiles configured with the Explicit Proxy functionality

Impact of action: Performing the following procedure should not have a negative impact on your system.

  1. Log in to the Traffic Management Shell (tmsh) by typing the following command:

tmsh

  2. List the HTTP profiles that are configured with the Explicit Proxy functionality by typing the following command:

list ltm profile http proxy-type | grep -B 1 explicit

  3. Note the names of the HTTP profiles. You will use the noted profile names to determine which virtual server is enabled with the HTTP Explicit Proxy functionality in the final procedure.

Determining the SOCKS profiles configured on the system

Impact of action: Performing the following procedure should not have a negative impact on your system.

  1. Log in to the tmsh utility by typing the following command:

tmsh

  2. List the SOCKS profiles configured on your BIG-IP system by typing the following command:

list ltm profile socks

  3. Note the names of the configured SOCKS profiles. You will use the profile names to determine which virtual server is enabled with the SOCKS profile in the final procedure.

Determining the virtual servers that are enabled with the HTTP Explicit Proxy functionality and/or SOCKS profile

Impact of action: Performing the following procedure should not have a negative impact on your system.

  1. Log in to the tmsh utility by typing the following command:

tmsh

  2. Using the profile names obtained from the previous procedures, determine the virtual servers that are enabled with the HTTP Explicit Proxy functionality and/or SOCKS profile by using the following command syntax:

list ltm virtual all profiles | grep -B 2 <profile name>

For example, you would type the following command to determine which virtual server is using the My_HTTP_explicit_profile profile:

list ltm virtual all profiles | grep -B 2 My_HTTP_explicit_profile

  3. Repeat step 2 for the remaining profile names obtained from previous procedures.
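
The three procedures above can be combined into one offline check over saved output of the `list` commands; the following is an added example, not code from F5 or from the original advisory. It attributes each explicit-proxy HTTP profile or SOCKS profile to the virtual servers that reference it, wherever the profile sits in the profiles block. The stanza layout is assumed from the snippets on this page, and the sample text, the function names and names such as vs_forward_proxy are constructed.

```python
import re
# Constructed sample shaped like the tmsh stanzas on this page; every name is hypothetical.
SAMPLE = """\
ltm profile http /Common/My_HTTP_explicit_profile {
    proxy-type explicit
}
ltm profile http /Common/plain_http {
    proxy-type reverse
}
ltm profile socks My_SOCKS_profile {
}
ltm virtual vs_forward_proxy {
    profiles {
        /Common/tcp { }
        /Common/My_HTTP_explicit_profile { }
    }
}
ltm virtual vs_web {
    profiles {
        /Common/plain_http { }
    }
}
ltm virtual vs_socks {
    profiles {
        My_SOCKS_profile { }
    }
}
"""

HEADER = re.compile(r"^ltm (profile http|profile socks|virtual) (\S+) \{\s*$")
def base(name):  # drop a partition prefix such as /Common/ (assumes base names are unique)
    return name.rsplit("/", 1)[-1]

def exposed_virtuals(text):
    """Map each virtual server to the explicit-proxy HTTP / SOCKS profiles it references."""
    stanzas, current = [], None
    for line in text.splitlines():
        m = HEADER.match(line)  # top-level stanzas start in column 0
        if m:
            current = (m.group(1), base(m.group(2)), [])
            stanzas.append(current)
        elif current:
            current[2].append(line.strip())
    risky = {n for kind, n, body in stanzas if kind == "profile socks"
             or (kind == "profile http" and "proxy-type explicit" in body)}
    return {n: used for kind, n, body in stanzas if kind == "virtual" and
            (used := sorted(risky & {base(l.split()[0]) for l in body if "{" in l}))}

if __name__ == "__main__": print(exposed_virtuals(SAMPLE))
```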

Supplemental Information

Note: This link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.

  • SOL9970: Subscribing to email notifications regarding F5 products
  • SOL9957: Creating a custom RSS feed to view new and updated documents
  • SOL4602: Overview of the F5 security vulnerability response policy
  • SOL4918: Overview of the F5 critical issue hotfix policy
  • SOL167: Downloading software and firmware from F5
  • SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)
  • SOL9502: BIG-IP hotfix matrix
