K22843911: F5 Path MTU Discovery vulnerability CVE-2015-7759

Security Advisory Description BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote attackers to cause a denial of service Traffic Management Microkernel TM...

K10366: BIND vulnerability - CVE-2009-0696

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...

K16349: Linux kernel vulnerability CVE-2009-0676

Security Advisory Description Description The sockgetsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SOBSDCOMPAT getsockopt reques...

K8939: SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

K8106: OpenSSL SSL_get_shared_ciphers vulnerability CVE-2007-5135

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...

K16882: OpenLDAP vulnerability CVE-2013-4449

Security Advisory Description Description The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service slapd crash by unbinding immediately after a search request, which triggers rwmconndestroy to free the...

K15746: Linux kernel vulnerability CVE-2012-4542

Security Advisory Description Description block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping...

K16318: OpenSSL vulnerability CVE-2015-0287

Security Advisory Description The ASN1itemexd2i function in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service invalid wri...

K14317: OpenSSH J-PAKE vulnerability CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate. F5 products do not include J-PAKE in the OpenSSH programs a...

K19784568: TMM vulnerability CVE-2016-5023

Security Advisory Description Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service Traffic Management Microkernel...

CVE-2020-27725

In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this...

Design/Logic Flaw

In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this...

CVE-2020-27725

In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this...

CVE-2020-27725

The CVE-2020-27725 issue affects BIG-IP DNS/GTM/Link Controller where the zxfrd memory leaks when listing DNS zones via TMSH, iControl, or SNMP. Affected versions include BIG-IP 11.6.1–11.6.5.2, 12.1.0–12.1.5.2, 13.1.0–13.1.3.4, 14.1.0–14.1.3, and 15.1.0–15.1.0.5. The underlying risk is a memory ...

F5 Networks BIG-IP : ImageMagick vulnerability (K03512441)

ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. CVE-2019-13136 Impact BIG-IP AAM,Edge Gateway, WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned.If exploited, this vulnerability may result ...

F5 Networks BIG-IP : ImageMagick vulnerability (K20336394)

ImageMagick before 7.0.8-50 has a 'use of uninitialized value' vulnerability in the function ReadCUTImage in coders/cut.c. CVE-2019-13135 Impact BIG-IP AAM,Edge Gateway, and WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned. If exploited, this vulnerabilitymay...

Multiple F5 BIG-IP Products CVE-2019-6670 Information Disclosure Vulnerability

Description Multiple F5 BIG-IP Products are prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow attackers to obtain sensitive information. This may lead to other attacks. Technologies Affected F5 BIG-IP AAM 11.6.1 F5 BIG-IP AFM 11.6.1 F5 BIG-IP APM 11.6....

Multiple F5 BIG-IP Products CVE-2019-6671 Memory Leak Denial of Service Vulnerability

Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Technologies Affected F5 BIG-IP AAM 13.1.0 F5 BIG-IP AAM 13.1.3 F5 BIG-IP AAM 14.0.0 F5 BIG-IP AAM 14.0.1 F5 BIG-IP AAM 14.1.0 F5 BIG-IP...

CVE-2019-6609

CVE-2019-6609 affects BIG-IP on iSeries (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) where the secureKeyCapable attribute is not set. This prevents Secure Vault from using F5 hardware support to protect the unit key, causing the unit key ...

F5 Networks BIG-IP : BIG-IP SNMPD vulnerability (K12139752)

Under certain conditions, the snmpd process may leak memory on a multi-blade BIG-IP Virtual Clustered Multiprocessing vCMP guest when processing authorized SNMP requests. CVE-2019-6608 Impact Over time, the snmpd process consumes excessive memory, forcing the BIG-IP system to slow down and...