28 matches found
K15898: PHP vulnerability CVE-2014-3710
Security Advisory Description Description The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service out-of-bounds read and application...
SOL01276005 - OpenSSL vulnerability CVE-2016-2182
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL52439336 - FreeType vulnerabilities CVE-2014-9746 and CVE-2014-9747
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL57500018 - ISC DHCP 4.x vulnerability CVE-2015-8605
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL04362926 - BIOS SMM privilege escalation vulnerability CVE-2015-0949
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL23332326 - Apache HTTPD vulnerability CVE-2010-2791
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL05770600 - Linux libuser vulnerability CVE-2015-3246
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17517 - NTP vulnerability CVE-2015-7701
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17503 - PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17457 - Linux kernel vulnerability CVE-2015-6252
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17449 - Apache Struts 2 vulnerability CVE-2015-5169
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17242 - Linux kernel SCTP vulnerability CVE-2015-1421
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The BIG-IP/BIG-IQ/Enterprise Manager software contains vulnerable code SCTP kernel module, but the code is not enabled by...
SOL17159 - PAM vulnerability CVE-2009-2410
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL17156 - PHP vulnerability CVE-2014-5298
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL17125 - Multiple Java vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL17123 - Apache Tomcat vulnerability CVE-2014-0230
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16961 - TLS MAC error vulnerability
Vulnerability Recommended Actions None Acknowledgements F5 would like to acknowledge Yngve N. Pettersen of TLS Prober Labs for bringing this issue to our attention, and for following the highest standards of responsible disclosure. Supplemental Information SOL9970: Subscribing to email...
SOL16900 - Multiple FreeType vulnerabilities
1The FreeType package exists on the BIG-IP system but is not used in a way that exposes this vulnerability. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed...
SOL16940 - Multiple Wireshark vulnerabilities
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16913 - OpenSSL vulnerability CVE-2015-1789
For BIG-IP, BIG-IQ, and Enterprise Manager systems, the vulnerable code exists in the OpenSSL package; however, the code is not used in a way that would make an exploit possible. While BIG-IP v12.0.0 ships with an OpenSSL version prior to 1.0.1n, the libraries necessary to fix the issue were merg...