K7985: ClamAV clamav-milter vulnerability - CVE-2007-4560

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

SOL15301 - Linux kernel TCP ISN vulnerability CVE-2011-3188

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. FirePass To protec...

SOL9762 - OpenSSL vulnerability - CVE-2008-5077

OpenSSL 0.9.8i and earlier versions do not properly check the return value from the EVPVerifyFinal function. Information about this advisory is available at the following locations: Note: These links take you to a resource outside of AskF5, and it is possible that the information may be removed...

SOL9754 - BIND 9 vulnerability CVE-2009-0025

BIND does not properly check the return value from the OpenSSL DSAverify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature. Information about this advisory is available at the following location: Note: The previous link takes y...

SOL8420 - ClamAV buffer overflow vulnerabilities - CVE-2007-6335, CVE-2007-6336

The FirePass controller can be configured to provide antivirus scanning of files uploaded through Portal Access. The software used to scan uploaded files is ClamAV open source software, which is enabled by selecting the Enable Standalone Virus Scanner button on the Antivirus tab of the Portal...

SOL7985 - ClamAV clamav-milter vulnerability - CVE-2007-4560

The FirePass controller can be configured to provide anti-virus scanning of files uploaded through Portal Access through the ClamAV open source software. Scanning is configured on the Antivirus tab of the Portal Access: Content Inspection page, through the Enable Standalone virus Scanner option...

SOL7983 - ClamAV NULL dereference vulnerability - CVE-2007-4510

The FirePass controller can be configured to provide anti-virus scanning of files uploaded through Portal Access through the ClamAV open source software. Scanning is configured on the Antivirus tab of the Portal Access Content Inspection page, through the Enable Standalone virus Scanner option...

SOL7544 - Full-width and half-width Unicode encoded data bypasses IDS/IPS security controls, VU #739224

Unicode is a system for encoding characters of a character set, which is used in networked applications. IDS/IPS or other security devices may fail to decode and recognize the characters that represent an attack if encoded in Unicode, and pass the characters to a target device. If the target devi...

SOL7397 - Download of local FirePass files using the URL in Webtop or the Admin UI

A vulnerability exists that allows an authenticated FirePass user to download files from the filesystem of a FirePass controller. In order to download a file, the user must first log in to the FirePass controller webtop or the Admin UI, and type a specially crafted URL into their web browser. Thi...

SOL6579 - Cross-Site Scripting Vulnerability - ProCheckUp Security Bulletin PR06-04

ProCheckUp has informed F5 Networks of a potential Cross Site Scripting XSS vulnerability in some versions of the FirePass controller. The vulnerability exists in the login sequence of the Firepass controller. The affected FirePass pages fail to fully sanitize URL input before the web page conten...

SOL7009 - Statement on ACL bypass using trailing NULL byte - MNIN/NNL Advisory

A January 2007 security advisory describes several security issues present in some versions of FirePass software. One section in the document, titled ACL Filter bypass with URL de-normalization, states that Portal Access ACL filters can be bypassed if a user appends a trailing NULL byte after the...