K16871: logrotate vulnerability CVE-2011-1155
Security Advisory Description The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is...
K5534: Apache mod_proxy message format vulnerability CAN-2004-0700
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K44318398: Net-SNMP vulnerability CVE-2020-15862
Security Advisory Description Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. CVE-2020-15862 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisor...
K20503360: Binutils vulnerability CVE-2018-13033
Security Advisory Description The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in...
K01294982: Oracle Java SE vulnerability CVE-2018-2811
Security Advisory Description Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE executes ...
K32553170: OpenSSL vulnerability CVE-2022-3358
Security Advisory Description OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom...
K86435316: OpenJDK vulnerabilities CVE-2020-2585 and CVE-2020-2655
Security Advisory Description CVE-2020-2585 Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi...
K00384005: Linux kernel vulnerability CVE-2020-7053
Security Advisory Description In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 and 5.x before 5.2, there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to...
K53632470: PostgreSQL vulnerabilities CVE-2020-25694, CVE-2020-25695
Security Advisory Description CVE-2020-25694 A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while droppi...
K16449953: Linux parse_audio_mixer_unit kernel vulnerability CVE-2019-15117
Security Advisory Description parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. CVE-2019-15117 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K99998454: iControl REST vulnerability CVE-2016-5021
Security Advisory Description The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1;...
K18004724: Linux kernel vulnerability CVE-2020-8835
Security Advisory Description In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series,...
K06493172: glibc vulnerability CVE-2016-3706
Security Advisory Description Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because...
K14301401: MySQL vulnerabilities CVE-2018-3185, CVE-2018-3186, CVE-2018-3187, CVE-2018-3195, and CVE-2018-3200
Security Advisory Description CVE-2018-3185 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
K16346064: glibc vulnerability CVE-2020-29562
Security Advisory Description The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. CVE-2020-29562 Impact...
K86300800: Apache Struts 2 vulnerability CVE-2017-9787
Security Advisory Description When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack when user was properly authenticated. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33. CVE-2017-9787 Impact There is no impact; F5 products are not...
K71103363: BIG-IP big3d vulnerability CVE-2022-29480
Security Advisory Description When multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. CVE-2022-29480 Impact This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a...
K62553631: Binutils vulnerabilities CVE-2018-7570, CVE-2018-9996, and CVE-2018-10372
Security Advisory Description CVE-2018-7570 The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) vi...
K37024017: Apache Struts 2 vulnerability CVE-2016-3087
Security Advisory Description Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin...
K32121038: BIG-IP mcpd vulnerability CVE-2020-5876
Security Advisory Description A race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management...
K51303334: OpenSSL vulnerability CVE-2019-1543
Security Advisory Description ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less th...
K17454: OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131
Security Advisory Description CVE-2005-2946 The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature...
K15318: OpenSSL vulnerability CVE-2011-3207
Security Advisory Description The OpenSSL crypto/x509/x509_vfy.c library for 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. CVE-2011-3207 Impact...
K32743437: OpenSSL vulnerability CVE-2016-7056
Security Advisory Description A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. CVE-2016-7056 Impact A malicious user with local access can recover Elliptic Curve Digital Signature Algorithm (ECDSA)...
K15158: OpenSSL vulnerability CVE-2013-6450
Security Advisory Description The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and...
K15532: XSS vulnerability in echo.jsp CVE-2014-4023
Security Advisory Description A cross-site scripting (XSS) vulnerability exists in tmui/dashboard/echo.jsp for the BIG-IP Configuration utility and the Enterprise Manager Configuration utility. Impact Some echo.jsp parameters may allow an attacker to bypass cross-site scripting (XSS) protection...
K72225092: Linux kernel vulnerability CVE-2015-8746
Security Advisory Description fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic...
K12903841: Linux kernel vulnerabilities CVE-2015-4170, CVE-2015-6526, and CVE-2015-7837
Security Advisory Description CVE-2015-4170 Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during...
K08039035: MySQL vulnerability CVE-2015-4910
Security Advisory Description Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached. CVE-2015-4910 Impact This vulnerability may allow remote authenticated users to affect...
K23332326: Apache HTTPD vulnerability CVE-2010-2791
Security Advisory Description mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for ...
K60352002: SNTP vulnerability CVE-2015-5219
Security Advisory Description SNTP processing would enter into an infinite loop when a crafted NTP packet was received. CVE-2015-5219 Impact An attacker may be able to cause a denial-of-service (DoS) to the system by crafting a special NTP packet. Security Advisory Status F5 Product Development has...
K000132266: BIND vulnerability CVE-2022-3094
Security Advisory Description Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of...
K30183369: Linux kernel vulnerabilities CVE-2019-15217 and CVE-2019-15221
Security Advisory Description CVE-2019-15217 An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. CVE-2019-15221 An issue was discovered in the Linux kernel before 5.1.17...
SOL10587158 - MySQL vulnerability CVE-2016-8284
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL65460334 - Expat XML parser vulnerability CVE-2012-6702
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL51663510 - Apache Tomcat vulnerability CVE-2016-5388
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL47009044 - FreeBSD vulnerability CVE-2016-1887
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL66504414 - Foomatic vulnerability CVE-2010-5325
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL47145213 - OpenSSL vulnerability CVE-2016-2176
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL72225092 - Linux kernel vulnerability CVE-2015-8746
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL40284849 - Apache vulnerability CVE-2010-0434
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17253 - BIG-IP Configuration utility vulnerability CVE-2015-4040
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL17251 - Apache vulnerability CVE-2015-3183
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16444 - Apache vulnerability CVE-2015-0899
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16365 - GNU C Library (glibc) vulnerability CVE-2014-9402
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL16341 - Linux kernel Controller Area Network (CAN) vulnerability CVE-2010-2959
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15902 - Apache vulnerability CVE-2010-1623
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15872 - libxml2 vulnerability CVE-2014-3660
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a...
SOL15876 - PHP vulnerability CVE-2013-2110
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15881 - Libpng vulnerability CVE-2011-3048
The noted versions contain vulnerable code, but do not parse PNG images by default, and are therefore not vulnerable. Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version...