K5857: Client certificate check vulnerability in Apache - CVE-2005-2700

Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information on F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...

SOL2379 - Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131

F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS versions 4.5.11 and 4.6.2...

SOL3277 - mod_ssl and ssl_log vulnerability VU#303448

Information about this advisory is available at the following location: F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS version 4.5.11 and 4.6.2. For instructions about downloading software from F5, refer to SOL167: Downloading software from F5. A VU303448 patch has...

SOL4009 - Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599

These vulnerabilities are described as methods under which an attacker could generate a PNG file that would cause applications that use libpng to execute arbitrary code. Since an attacker would require root access to the BIG-IP or 3-DNS in order to exploit this vulnerability, it is considered to ...

SOL6623 - OpenSSL signature vulnerability - CVE-2006-4339

This security advisory describes an OpenSSL signature vulnerability. Forged RSA signatures may be accepted during client certificate validations when the certificates are signed by certain Certificate Authority CA. This flaw could potentially cause F5 products to accept maliciously crafted client...

SOL4207 - Buffer overflow in mod_include - CAN-2004-0940

The version of modinclude used in BIG-IP and 3-DNS versions prior to 4.5.12 and 4.6.3 is vulnerable, but it is not enabled by default and is not enabled by using any BIG-IP or 3-DNS features. To enable modinclude, you must modify the httpd.conf file and then install HTML pages that use modinclude...

SOL6339 - Sendmail race condition - VU#834865

F5 Networks Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS version 4.5.11 for the 4.5 software branch and in version 4.6.2 for the 4.6 software branch. F5 Networks Product Development tracked this issue and it was fixed in WebAccelerator version 5.2 for the 5.x softwa...

SOL2319 - Insufficient MAC computation in OpenSSH - CAN-2003-0078

Obtaining and installing patches F5 has released a patch for BIG-IP and 3-DNS versions 4.2 and 4.5. To download the patch, perform the following procedure 1. Open the F5 Downloads page in a browser. 2. Navigate to the BIG-IP BIG-IP v4.x 4.5.x section. 3. Click CAN-2003-0078 and download the...

SOL1518 - Multiple SSH1 vulnerabilities - CA-2001-35

CERT Advisory CA-2001-35 revisits several existing exploits for the SSH1 and SSH2 protocols handled by the sshd process. For more information about the vulnerability, refer to the CERT website at the following location: . Workaround If you have BIG-IP or 3-DNS 4.5, you can work around these issue...

SOL2593 - Buffer overflow in zlib - CAN-2003-0107

Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to SOL4602: Overview of F5 Networks securi...

SOL3456 - RADIUS authentication bypass vulnerability OpenBSD Security Fix #020

BIG-IP and 3-DNS can be configured to use loginradius for user Command Line Interface CLI authentication. When configured in this manner, both products are vulnerable to possible man-in-the-middle attacks that could result in an attacker gaining unauthorized access to the BIG-IP or 3-DNS system...

[SA16159] F5 Networks BIG-IP / 3-DNS Multiple Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

SOL4809 - tcpdump vulnerabilities - CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280

F5 Networks Product Development tracked this issue as CR48152 and CR48153 and it was fixed in BIG-IP and 3-DNS version 4.5.13. This issue still exists in the BIG-IP and 3-DNS 4.6 software branch...

[SA15098] BIG-IP / 3-DNS Radius Authentication "login_radius" Security Bypass

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: BIG-IP / 3-DNS Radius Authentication "loginradius"...

BIG-IP 3-DNS Controller protection bypass

No description provided...

SOL3082 - Multiple vulnerabilities in OpenSSL - CAN-2004-0081, CAN-2004-0079, CAN-2004-0112

F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS 4.5.11 and 4.6.1. Obtaining and installing patches The TA04-078A patch has been issued for BIG-IP and 3-DNS 4.5.9 and 4.6. You may download the TA04-078A patch by navigating to the BIG-IP BIG-IP v4.x 4.5 section of the...