Lucene search
F5 Networks BIG-IP : libcurl vulnerability (K10196624)
🗓️ 26 Dec 2017 00:00:00Reported by This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.Type 
nessus🔗 www.tenable.com👁 30 Views
F5 Networks BIG-IP libcurl vulnerability (K10196624) impact on the big3d proces
Show more
| Reporter | Title | Published | Views | Family All 102 |
|---|---|---|---|---|
 | Double free | 31 Jul 201821:29 | – | prion |
 | Memory Leak | 1 Aug 201810:15 | – | veracode |
 | CVE-2016-8618 | 31 Jul 201821:29 | – | osv |
| curl - security update | 17 Nov 201600:00 | – | osv |
| curl - security update | 3 Nov 201600:00 | – | osv |
| OPENSUSE-SU-2024:10303-1 curl-7.51.0-1.1 on GA media | 15 Jun 202400:00 | – | osv |
| RHSA-2018:3558 Red Hat Security Advisory: httpd24 security, bug fix, and enhancement update | 13 Sep 202416:54 | – | osv |
 | CVE-2016-8618 | 31 Jul 201821:00 | – | cvelist |
 | CVE-2016-8618 | 31 Jul 201821:29 | – | nvd |
 | CVE-2016-8618 | 31 Jul 201821:29 | – | debiancve |
10
| Source | Link |
|---|---|
| support | www.support.f5.com/csp/article/K10196624 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K10196624.
#
# The text description of this plugin is (C) F5 Networks.
#
include("compat.inc");
if (description)
{
script_id(105436);
script_version("3.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/08/27");
script_cve_id("CVE-2016-8618");
script_name(english:"F5 Networks BIG-IP : libcurl vulnerability (K10196624)");
script_summary(english:"Checks the BIG-IP version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"The libcurl API function called `curl_maprintf()` before version
7.51.0 can be tricked into doing a double-free due to an unsafe
`size_t` multiplication, on systems using 32 bit `size_t` variables.
(CVE-2016-8618)
Impact
A custom monitor or script that calls the curl command may allow
unauthorized disclosure of information,unauthorized modification, and
disruption of service. The big3d process, which includes the libcurl
library, may allow unauthorized disclosure of information,unauthorized
modification, and disruption of service."
);
script_set_attribute(
attribute:"see_also",
value:"https://support.f5.com/csp/article/K10196624"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution K10196624."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/31");
script_set_attribute(attribute:"patch_publication_date", value:"2017/04/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/12/26");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"F5 Networks Local Security Checks");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");
exit(0);
}
include("f5_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
sol = "K10196624";
vmatrix = make_array();
if (report_paranoia < 2) audit(AUDIT_PARANOID);
# AFM
vmatrix["AFM"] = make_array();
vmatrix["AFM"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5");
vmatrix["AFM"]["unaffected"] = make_list("13.1.0");
# AM
vmatrix["AM"] = make_array();
vmatrix["AM"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5");
vmatrix["AM"]["unaffected"] = make_list("13.1.0");
# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5","11.2.1");
vmatrix["APM"]["unaffected"] = make_list("13.1.0");
# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5","11.2.1");
vmatrix["ASM"]["unaffected"] = make_list("13.1.0");
# AVR
vmatrix["AVR"] = make_array();
vmatrix["AVR"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5","11.2.1");
vmatrix["AVR"]["unaffected"] = make_list("13.1.0");
# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5","11.2.1");
vmatrix["LC"]["unaffected"] = make_list("13.1.0");
# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5","11.2.1");
vmatrix["LTM"]["unaffected"] = make_list("13.1.0");
# PEM
vmatrix["PEM"] = make_array();
vmatrix["PEM"]["affected" ] = make_list("13.0.0-13.0.1","12.0.0-12.1.5","11.4.0-11.6.5");
vmatrix["PEM"]["unaffected"] = make_list("13.1.0");
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = bigip_get_tested_modules();
audit_extra = "For BIG-IP module(s) " + tested + ",";
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo26 Dec 2017 00:00Current
CVSS27.5
CVSS35.3 - 9.8
EPSS0.00938