EUVD-2012-2978

Malware in sbrugna...

K10366: BIND vulnerability - CVE-2009-0696

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...

K03512441: ImageMagick vulnerability CVE-2019-13136

Security Advisory Description ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. CVE-2019-13136 Impact BIG-IP AAM, Edge Gateway, WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned. If exploited...

K16349: Linux kernel vulnerability CVE-2009-0676

Security Advisory Description Description The sockgetsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SOBSDCOMPAT getsockopt reques...

K8939: SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

K12650: PHP vulnerability CVE-2010-4645

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...

K8106: OpenSSL SSL_get_shared_ciphers vulnerability CVE-2007-5135

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...

K11220361: LibTIFF vulnerability CVE-2015-1547

Security Advisory Description The NeXTDecode function in tifnext.c in LibTIFF allows remote attackers to cause a denial of service uninitialized memory access via a crafted TIFF image, as demonstrated by libtiff5.tif. CVE-2015-1547 Impact This vulnerability allows a remote attacker to cause a...

K68785753: ImageMagick vulnerability CVE-2015-8898

Security Advisory Description The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted image file. CVE-2015-8898 Impact BIG-IP systems that use a WebAcceleration profile configured wit...

K29154575: ImageMagick vulnerability CVE-2016-3717

Security Advisory Description The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image. CVE-2016-3717 Note : This vulnerability is one of the series of vulnerabilities known as ImageTragick. Impact Exploiting this...

K16882: OpenLDAP vulnerability CVE-2013-4449

Security Advisory Description Description The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service slapd crash by unbinding immediately after a search request, which triggers rwmconndestroy to free the...

K15746: Linux kernel vulnerability CVE-2012-4542

Security Advisory Description Description block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping...

K16318: OpenSSL vulnerability CVE-2015-0287

Security Advisory Description The ASN1itemexd2i function in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service invalid wri...

K000132457: ImageMagick vulnerability CVE-2022-44268

Security Advisory Description ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image e.g., for resize, the resulting image could have embedded the content of an arbitrary. file if the magick binary has permissions to read it. CVE-2022-44268 Impact BIG-IP AAM, Edg...

K14317: OpenSSH J-PAKE vulnerability CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate. F5 products do not include J-PAKE in the OpenSSH programs a...

K19784568: TMM vulnerability CVE-2016-5023

Security Advisory Description Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service Traffic Management Microkernel...

F5 Networks BIG-IP : ImageMagick vulnerability (K03512441)

ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. CVE-2019-13136 Impact BIG-IP AAM,Edge Gateway, WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned.If exploited, this vulnerability may result ...

F5 Networks BIG-IP : ImageMagick vulnerability (K20336394)

ImageMagick before 7.0.8-50 has a 'use of uninitialized value' vulnerability in the function ReadCUTImage in coders/cut.c. CVE-2019-13135 Impact BIG-IP AAM,Edge Gateway, and WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned. If exploited, this vulnerabilitymay...

Multiple F5 BIG-IP Products CVE-2019-6671 Memory Leak Denial of Service Vulnerability

Description Multiple F5 BIG-IP Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial of service condition. Technologies Affected F5 BIG-IP AAM 13.1.0 F5 BIG-IP AAM 13.1.3 F5 BIG-IP AAM 14.0.0 F5 BIG-IP AAM 14.0.1 F5 BIG-IP AAM 14.1.0 F5 BIG-IP...

CVE-2019-6609

CVE-2019-6609 affects BIG-IP on iSeries (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) where the secureKeyCapable attribute is not set. This prevents Secure Vault from using F5 hardware support to protect the unit key, causing the unit key ...