SOL17173 - OpenJDK vulnerability CVE-2015-4760
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15899 - Multiple Apache vulnerabilities CVE-2012-4558, CVE-2012-0883, CVE-2011-3348, and CVE-2010-1452
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...
SOL14909 - OpenSSL vulnerability CVE-2013-4248
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...
SOL13519 - Multiple PHP vulnerabilities
Vulnerability Recommended Actions To mitigate this vulnerability, expose the administrative interface only on trusted networks and limit login access to trusted users. Impact of action: None. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957:...
K000138895: BIND vulnerability CVE-2023-5679
Security Advisory Description A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through...
K73422160: OpenSSL vulnerability CVE-2019-1547
Security Advisory Description Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible th...
K22141757: Artifex Ghostscript vulnerabilities CVE-2018-18284, CVE-2018-15910, CVE-2018-15911, and CVE-2018-16513
Security Advisory Description CVE-2018-18284 Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. CVE-2018-15910 In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a...
K94700053: Intel AMT vulnerability CVE-2017-5689
Security Advisory Description An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining...
K63404203: Oracle Java SE vulnerability CVE-2018-11212
Security Advisory Description An issue was discovered in libjpeg 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. CVE-2018-11212 Impact Traffix SDC An attacker can exploit this vulnerability to cause a denial o...
K15899: Multiple Apache vulnerabilities CVE-2012-4558, CVE-2012-0883, CVE-2011-3348, and CVE-2010-1452
Security Advisory Description CVE-2010-1452 The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path. CVE-2011-3348 The mod_proxy_ajp module in the Apache HTTP Server before...
K69309752: Apache HTTPD vulnerability CVE-2022-30556
Security Advisory Description Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer. CVE-2022-30556 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
K43638305: BIG-IP TMUI XSS vulnerability CVE-2020-5903
Security Advisory Description A Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. CVE-2020-5903 Impact An attacker can exploit this vulnerability to run JavaScript in the context of the currently logged-in user. In the case of an...
K65460334: Expat XML parser vulnerability CVE-2012-6702
Security Advisory Description Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. CVE-2012-6702 Impact An attacker m...
K31530542: PHP vulnerabilities CVE-2007-1777, CVE-2007-3997, CVE-2007-4657, CVE-2008-3658, and CVE-2008-3659
Security Advisory Description CVE-2007-1777 Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call,...
SOL35239571 - PHP vulnerability CVE-2015-3329
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL30971148 - Apache Tomcat 6.x vulnerabilities CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, and CVE-2016-0714
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17382 - OpenSSL vulnerability CVE-2010-4252
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL17242 - Linux kernel SCTP vulnerability CVE-2015-1421
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The BIG-IP/BIG-IQ/Enterprise Manager software contains vulnerable code SCTP kernel module, but the code is not enabled by...
SOL15623 - GnuTLS vulnerability CVE-2009-5138
Recommended Action For affected ARX systems, F5 recommends that you expose the management interface only on trusted networks. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602:...
SOL13719 - Samba vulnerability CVE-2012-1182
Vulnerability Recommended Actions None Supplemental Information CVE-2012-1182 Note: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge. SOL9970: Subscribing to email notifications regarding F5 products SOL9957:...
SOL2379 - Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS versions 4.5.11 and 4.6.2...
SOL6878 - Apache Rewrite module (mod_rewrite) vulnerabilities CVE-2006-3747
This security advisory describes an off-by-one error, which means the bits are shifted to the left or the right by one value, in the LDAP scheme handling of the Apache Rewrite module. The vulnerability within the Apache Rewrite module allows remote attackers to cause a Denial of Service attack or...
SOL4583 - Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790
This vulnerability describes the use of spoofed ICMP packets to affect existing TCP connections. An attacker could cause a TCP connection to be closed or slowed by interfering with the Path MTU Discovery process or by generating one of the following spoofed ICMP messages: Destination unreachable...
K000138990: BIND vulnerability CVE-2023-4408
Security Advisory Description The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting thi...
K15311661: NodeJS vulnerability CVE-2016-2086
Security Advisory Description Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. CVE-2016-2086 Impact An attacker may be able to perform HTTP reques...
K46444421: Linux Kernel Vulnerability CVE-2019-9458
Security Advisory Description In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. CVE-2019-9458 Impact There i...
K13993: Cross-site URL redirection attack vulnerability CVE-2009-4017
Security Advisory Description F5 FirePass SSL VPN contains a flaw that allows a remote cross-site redirection attack. This flaw exists because the application does not validate the refreshURL parameter upon submission to the my.activation.cns.php3 script. As a result, a user could create a URL...
K16531: Linux kernel vulnerability CVE-2014-4027
Security Advisory Description The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI...
K18657134: Linux kernel vulnerability CVE-2018-16871
Security Advisory Description A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic t...
K52510511: Advanced WAF/ASM buffer-overflow vulnerability CVE-2021-22992
Security Advisory Description A malicious HTTP response to an Advanced WAF/ASM virtual server with Login Page configured in its policy may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may allow remote code execution (RCE), leading to complete system compromise...
K41309988: FreeIPA vulnerability CVE-2016-5404
Security Advisory Description The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. CVE-2016-5404 Impact There is no impact; F5 product...
K34303485: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) CVE-2019-11091
Security Advisory Description Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11091...
K59313410: OpenSSL vulnerability CVE-2022-2274
Security Advisory Description The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during...
K04481502: Ghostscript vulnerability CVE-2021-3781
Security Advisory Description A trivial sandbox (enabled with the -dSAFER option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the...
K14760551: Multiple libwebp vulnerabilities
Security Advisory Description CVE-2018-25009 A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability. CVE-2018-25010 A flaw was...
K24642829: Linux kernel vulnerability CVE-2015-7515
Security Advisory Description The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints. CVE-2015-7515 Impact A...
K41320158: Apache vulnerability CVE-2021-26690
Security Advisory Description Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service CVE-2021-26690 Impact There is no impact; F5 products are not affected by this...
K51100910: rpcbind vulnerabilities CVE-2017-8779 and CVE-2017-8804
Security Advisory Description CVE-2017-8779 rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service memory...
K16353: Multiple JavaSE server-side vulnerabilities CVE-2015-0383, CVE-2015-0410, and CVE-2014-6593
Security Advisory Description CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. CVE-2015-0410...
SOL90492697 - OpenSSL vulnerability CVE-2016-6306
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL23374214 - Apache Shiro vulnerability CVE-2016-4437
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL20145801 - Mozilla NSS vulnerability CVE-2016-1979
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL71245322 - NTP vulnerability CVE-2015-8138
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL05428062 - pcregrep in PCRE vulnerability CVE-2015-8393
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL33209124 - OpenSSL vulnerability CVE-2015-3197
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16912 - BIND vulnerability CVE-2015-4620
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16334 - Apache Struts vulnerability CVE-2013-4316
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL13588 - PHP vulnerability CVE-2011-4885
Recommended action BIG-IP To mitigate this vulnerability, expose the administrative interface only on trusted networks and limit login access to trusted users. FirePass For information about hotfix status, contact F5 Technical Support. Supplemental Information CVE-2011-4885 SOL9970: Subscribing t...
K000139447: Apache httpd vulnerability CVE-2024-24795
Security Advisory Description HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this...
K000138651: c-ares vulnerability CVE-2022-4904
Security Advisory Description A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrit...