Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL09408132.NASL
HistoryAug 19, 2016 - 12:00 a.m.

F5 Networks BIG-IP : glibc vulnerability (SOL09408132)

2016-08-1900:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
JSON

Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution SOL09408132.
#
# The text description of this plugin is (C) F5 Networks.
#

include("compat.inc");

if (description)
{
  script_id(93030);
  script_version("2.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/03/10");

  script_cve_id("CVE-2011-1071", "CVE-2011-1659");
  script_bugtraq_id(46563, 64464);

  script_name(english:"F5 Networks BIG-IP : glibc vulnerability (SOL09408132)");
  script_summary(english:"Checks the BIG-IP version.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote device is missing a vendor-supplied security patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or
libc6) 2.13 and earlier allows context-dependent attackers to cause a
denial of service (application crash) via a long UTF8 string that is
used in an fnmatch call with a crafted pattern argument, a different
vulnerability than CVE-2011-1071."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://support.f5.com/csp/article/K09408132"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution SOL09408132."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_wan_optimization_manager");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager");

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/04/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/08/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/19");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"F5 Networks Local Security Checks");

  script_dependencies("f5_bigip_detect.nbin");
  script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version");

  exit(0);
}


include("f5_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");

sol = "SOL09408132";
vmatrix = make_array();

# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["APM"]["unaffected"] = make_list("12.0.0-12.1.0","11.4.0-11.6.1","11.2.1");

# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["ASM"]["unaffected"] = make_list("12.0.0-12.1.0","11.4.0-11.6.1","11.2.1");

# GTM
vmatrix["GTM"] = make_array();
vmatrix["GTM"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["GTM"]["unaffected"] = make_list("11.4.0-11.6.1","11.2.1");

# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["LC"]["unaffected"] = make_list("12.0.0-12.1.0","11.4.0-11.6.1","11.2.1");

# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["LTM"]["unaffected"] = make_list("12.0.0-12.1.0","11.4.0-11.6.1","11.2.1");

# PSM
vmatrix["PSM"] = make_array();
vmatrix["PSM"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["PSM"]["unaffected"] = make_list("11.4.0-11.4.1");

# WAM
vmatrix["WAM"] = make_array();
vmatrix["WAM"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["WAM"]["unaffected"] = make_list("11.2.1");

# WOM
vmatrix["WOM"] = make_array();
vmatrix["WOM"]["affected"  ] = make_list("10.2.1-10.2.4");
vmatrix["WOM"]["unaffected"] = make_list("11.2.1");


if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
  if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = bigip_get_tested_modules();
  audit_extra = "For BIG-IP module(s) " + tested + ",";
  if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
  else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}
VendorProductVersionCPE
f5big-ip_access_policy_managercpe:/a:f5:big-ip_access_policy_manager
f5big-ip_application_security_managercpe:/a:f5:big-ip_application_security_manager
f5big-ip_global_traffic_managercpe:/a:f5:big-ip_global_traffic_manager
f5big-ip_link_controllercpe:/a:f5:big-ip_link_controller
f5big-ip_local_traffic_managercpe:/a:f5:big-ip_local_traffic_manager
f5big-ip_wan_optimization_managercpe:/a:f5:big-ip_wan_optimization_manager
f5big-ip_webacceleratorcpe:/a:f5:big-ip_webaccelerator
f5big-ipcpe:/h:f5:big-ip
f5big-ip_protocol_security_managercpe:/h:f5:big-ip_protocol_security_manager

Related

prion 2
f5 3
debiancve 2
ubuntucve 2
cve 2
oraclelinux 3
openvas 21
altlinux 2
veracode 2
nessus 26
redhat 3
vmware 4
centos 2
securityvulns 3
ibm 1
gentoo 1
ubuntu 1
prion
prion
Integer overflow
2011-04-08 15:17:00
Design/Logic Flaw
2011-04-08 15:17:00
f5
f5
K09408132 : glibc vulnerability CVE-2011-1659
2016-08-18 00:00:00
K15885 : GNU C Library vulnerability CVE-2011-1071
2015-06-13 00:00:00
SOL15885 - GNU C Library vulnerability CVE-2011-1071
2014-11-27 00:00:00
debiancve
debiancve
CVE-2011-1659
2011-04-08 15:17:00
CVE-2011-1071
2011-04-08 15:17:00
ubuntucve
ubuntucve
CVE-2011-1659
2011-04-08 00:00:00
CVE-2011-1071
2011-04-08 00:00:00
cve
cve
CVE-2011-1659
2011-04-08 15:17:00
CVE-2011-1071
2011-04-08 15:17:00
oraclelinux
oraclelinux
glibc security update
2011-04-04 00:00:00
glibc security update
2011-04-04 00:00:00
glibc security and bug fix update
2012-02-13 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2011-0413)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2011-0412)
2015-10-06 00:00:00
Gentoo Security Advisory GLSA 201312-01
2015-09-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package glibc version 6:2.11.3-alt4
2011-04-28 00:00:00
Security fix for the ALT Linux 6 package glibc version 6:2.11.3-alt4
2011-04-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:55:27
Arbitrary Code Execution
2020-04-10 00:55:26
nessus
nessus
Mandriva Linux Security Advisory : glibc (MDVSA-2011:179)
2012-09-06 00:00:00
RHEL 6 : glibc (RHSA-2011:0413)
2011-04-05 00:00:00
Oracle Linux 6 : glibc (ELSA-2011-0413)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2011:0413) Important: glibc security update
2011-04-04 00:00:00
(RHSA-2011:0412) Important: glibc security update
2011-04-04 00:00:00
(RHSA-2012:0125) Moderate: glibc security and bug fix update
2012-02-13 00:00:00
vmware
vmware
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-07-28 00:00:00
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-07-28 00:00:00
VMware ESXi and ESX updates to third party libraries and ESX Service Console
2011-10-12 00:00:00
centos
centos
glibc, nscd security update
2011-04-14 13:51:19
glibc, nptl, nscd security update
2012-02-14 02:09:08
securityvulns
securityvulns
glibc multiple security vulnerabilities
2011-12-04 00:00:00
[ MDVSA-2011:178 ] glibc
2011-12-04 00:00:00
[USN-1396-1] GNU C Library vulnerabilities
2012-03-10 00:00:00
ibm
ibm
Security Bulletin: z/TPF is affected by GNU C library (glibc) vulnerabilities
2019-03-01 18:05:01
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2013-12-03 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2012-03-09 00:00:00
JSON
Related for F5_BIGIP_SOL09408132.NASL
prion2f53debiancve2ubuntucve2cve2oraclelinux3openvas21altlinux2veracode2nessus26redhat3vmware4centos2securityvulns3ibm1gentoo1ubuntu1