6294 matches found
K94041354: OpenSSL vulnerability CVE-2019-1552
Security Advisory Description OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configurati...
K17255: D-Bus vulnerability CVE-2014-3477
Security Advisory Description The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service...
K40378764: F5 tmsh vulnerability CVE-2019-6642
Security Advisory Description Authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell access from within the TMOS Shell tmsh interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp...
K77323091: Objective Systems ASN1C Compiler vulnerability CVE-2016-5080
Security Advisory Description Integer overflow in the rtxMemHeapAlloc function in asn1rta.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow, on a system running an application...
K12541829: Binutils vulnerability CVE-2019-9072
Security Advisory Description An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setupgroup in elf.c. CVE-2019-9072 Impact There is no impact; F5 products are not affected by this...
K04054286: Linux kernel TCP vulnerability CVE-2016-2070
Security Advisory Description The tcpcwndreduction function in net/ipv4/tcpinput.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service divide-by-zero error and system crash via crafted TCP traffic. CVE-2016-2070 Impact Successful exploitation of this vulnerabilit...
K29500533: TMUI XSS vulnerability CVE-2022-23013
Security Advisory Description A DOM-based cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2022-23013 Impact An attacker may exploit this...
K25521404: Node.js netmask vulnerability CVE-2021-28918 and CVE-2021-29418
Security Advisory Description CVE-2021-28918 Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypa...
K47527163: CGNAT/PPTP vulnerability CVE-2019-6611
Security Advisory Description When processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. The TMM may restart and produce a core file as a result of this condition. The BIG-IP system provisioned with the CGNAT module and configured wit...
K36814487: BIG-IP tmsh vulnerability CVE-2020-5858
Security Advisory Description Users with non-administrator roles for example, Guest or Resource Administrator with TMOS Shell tmsh access can run arbitrary commands with elevated privilege using a crafted tmsh command. CVE-2020-5858 Impact BIG-IP and BIG-IQ This vulnerability allows unauthorized...
K00866128: Bash vulnerability CVE-2019-9924
Security Advisory Description rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASHCMDS, thus allowing the user to execute any command with the permissions of the shell. CVE-2019-9924 Impact There is no impact; F5 products are not affected by this vulnerability. Securi...
K23731034: PHP & libGD vulnerability CVE-2016-10167
Security Advisory Description The gdImageCreateFromGd2Ctx function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted image file. CVE-2016-10167 Impact There is no impact; F5 products are not affected b...
K82008830: Multiple QEMU vulnerabilities
Security Advisory Description CVE-2020-25742 pcichangeirqlevel in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pcigetbus might not return a valid pointer. CVE-2020-25743 hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer...
K55376430: NTP vulnerabilities CVE-2020-13817
Security Advisory Description The ntpd in the network time protocol NTP before 4.2.8p14, and in 4.3.x before 4.3.100, allows remote attackers to cause a denial-of-service DoS, either daemon exit or system time change, by predicting transmit timestamps for use in spoofed packets. The victim must b...
K39794285: The BIG-IP system may fail to properly parse HTTP headers that are prepended by whitespace (non RFC2616 compliant)
Security Advisory Description The BIG-IP system may fail to properly parse HTTP headers that are prepended by whitespace. This issue occurs when all of the following conditions are met: A virtual server is associated with an HTTP profile. The BIG-IP system receives a specially crafted HTTP reques...
K17202: Apache HTTP server vulnerability CVE-2012-3502
Security Advisory Description The proxy functionality in 1 modproxyajp.c in the modproxyajp module and 2 modproxyhttp.c in the modproxyhttp module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remot...
K73459626: Linux kernel vulnerability CVE-2021-3506
Security Advisory Description An out-of-bounds OOB memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of...
K8420: ClamAV buffer overflow vulnerabilities - CVE-2007-6335, CVE-2007-6336
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K24613253: NTP vulnerability CVE-2016-2516
Security Advisory Description NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service ntpd abort by using the same IP address multiple times in an unconfig directive. CVE-2016-2516 Impact An attacker may be able to compromise the...
K62655427: libjpeg-turbo vulnerability CVE-2013-6630
Security Advisory Description The getdht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table DHT JPEG...
K33285044: Oracle Java SE vulnerability CVE-2016-0695
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. CVE-2016-0695 Impact Remote attackers may be able to gain access to...
K37540306: Mozilla Network Security Services use-after-free vulnerability CVE-2016-1978
Security Advisory Description Use-after-free vulnerability in the ssl3HandleECDHServerKeyExchange function in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact b...
K22216037: TMM vulnerability CVE-2016-9245
Security Advisory Description Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" configuration options used in iRules...
K15169: PHP vulnerability CVE-2013-4113
Security Advisory Description ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct...
K81601350: BIG-IP PEM vulnerability CVE-2017-6144
Security Advisory Description When downloading the Type Allocation Code TAC database file via HTTPS, the server's certificate is not verified. Attackers in a privileged network position may be able to launch a man-in-the-middle attack against these connections. TAC databases are used in BIG-IP PE...
K15984: Linux kernel vulnerability CVE-2013-7265
Security Advisory Description The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory...
K31336596: GnuTLS vulnerability CVE-2017-5334
Security Advisory Description Double free vulnerability in the gnutlsx509extimportproxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information...
K05909237: BouncyCastle Java crypto vulnerability CVE-2017-13098
Security Advisory Description BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE Java Cryptography Extension for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private...
K83384802: glibc vulnerability CVE-2016-5417
Security Advisory Description Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver...
K15095307: BDF parsing vulnerability CVE-2012-5669
Security Advisory Description The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...
K21632201: Linux kernel vulnerability CVE-2011-5321
Security Advisory Description The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via crafted acce...
K14733: Apache HTTP server vulnerability CVE-2013-1896
Security Advisory Description moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavs...
K000130541: Grub2 vulnerability CVE-2022-28734
Security Advisory Description Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte...
SOL11091514 - MySQL vulnerability CVE-2016-5626
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL37540306 - Mozilla Network Security Services use-after-free vulnerability CVE-2016-1978
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL21485342 - Configuration utility CSRF vulnerability
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL35340595 - Kerberos vulnerability CVE-2016-3120
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL14510263 - IPv6 Neighbor Discovery crafted packet vulnerability CVE-2016-1409
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL41613034 - NTP vulnerability CVE-2016-2519
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL45427159 - NTP authentication bypass vulnerability CVE-2016-1551
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL21057235 - libpng out-of-bounds read vulnerability CVE-2015-7981
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL21230183 - NTP vulnerability CVE-2015-7976
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17256 - D-Bus vulnerability CVE-2014-3638
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The D-Bus daemon is only for package dependency reasons. The impact of the D-Bus daemon becoming unavailable is close to...
SOL17235 - PCRE library vulnerability CVE-2015-3210
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL17218 - Libvirt vulnerability CVE-2014-8135
The storageVolUpload function in storage/storagedriver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service NULL pointer dereference and daemon crash via a crafted offset value in a "virsh vol-upload" command. CVE-2014-8135...
SOL17159 - PAM vulnerability CVE-2009-2410
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16871 - logrotate vulnerability CVE-2011-1155
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16428 - setroubleshoot vulnerability CVE-2015-1815
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16121 - BIG-IP directory traversal vulnerability CVE-2014-8727
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15874 - Samba vulnerability CVE-2013-4475
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...