6396 matches found
K40378764: F5 tmsh vulnerability CVE-2019-6642
Security Advisory Description Authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell access from within the TMOS Shell tmsh interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp...
K05211147: Kernel vulnerabilities CVE-2014-8559, CVE-2015-0275, CVE-2015-1333, CVE-2015-3212, and CVE-2015-4700
Security Advisory Description CVE-2014-8559 The dwalk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of renamelock, which allows local users to cause a denial of service deadlock and system hang via a crafted application. CVE-2015-0275 The...
K77323091: Objective Systems ASN1C Compiler vulnerability CVE-2016-5080
Security Advisory Description Integer overflow in the rtxMemHeapAlloc function in asn1rta.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of service heap-based buffer overflow, on a system running an application...
K12541829: Binutils vulnerability CVE-2019-9072
Security Advisory Description An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setupgroup in elf.c. CVE-2019-9072 Impact There is no impact; F5 products are not affected by this...
K93543114: BIG-IP APM vulnerability CVE-2022-27181
Security Advisory Description When APM is configured on a virtual server and the associated access profile is configured with APM AAA NTLM Auth, undisclosed requests can cause an increase in internal resource utilization. CVE-2022-27181 Impact System performance can degrade while the system is...
K12139752: BIG-IP SNMPD vulnerability CVE-2019-6608
Security Advisory Description Under certain conditions, the snmpd process may leak memory on a multi-blade BIG-IP Virtual Clustered Multiprocessing vCMP guest when processing authorized SNMP requests. CVE-2019-6608 Impact Over time, the snmpd process consumes excessive memory, forcing the BIG-IP...
K45435121: DNS Express vulnerability CVE-2018-5538
Security Advisory Description On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to...
K47527163: CGNAT/PPTP vulnerability CVE-2019-6611
Security Advisory Description When processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. The TMM may restart and produce a core file as a result of this condition. The BIG-IP system provisioned with the CGNAT module and configured wit...
K23731034: PHP & libGD vulnerability CVE-2016-10167
Security Advisory Description The gdImageCreateFromGd2Ctx function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to cause a denial of service application crash via a crafted image file. CVE-2016-10167 Impact There is no impact; F5 products are not affected b...
K51740320: BIND vulnerability CVE-2019-6468
Security Advisory Description In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion...
K42185012: Java vulnerability CVE-2017-10118
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticat...
K55376430: NTP vulnerabilities CVE-2020-13817
Security Advisory Description The ntpd in the network time protocol NTP before 4.2.8p14, and in 4.3.x before 4.3.100, allows remote attackers to cause a denial-of-service DoS, either daemon exit or system time change, by predicting transmit timestamps for use in spoofed packets. The victim must b...
K15862: Multiple cURL and libcurl vulnerabilities CVE-2014-0015, CVE-2014-0138, and CVE-2014-0139
Security Advisory Description CVE-2014-0015 cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request. CVE-2014-0138 The default configuration in...
K14468: Client-side component flaw CVE-2013-0150
Security Advisory Description A flaw in a BIG-IP APM or FirePass client-side F5-signed component may allow a third party to install files on the client machine. Impact Affected components may allow third party code execution on the affected client. There is no impact to the BIG-IP or FirePass hos...
K8424: Java Runtime Environment Vulnerability - CVE-2008-0657
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K16829: Linux vulnerability CVE-2014-7825
Security Advisory Description kernel/trace/tracesyscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service out-of-bounds read and OOPS or bypass the ASLR protection mechanis...
K9592: bzip2 vulnerability CVE-2008-1372
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K15250: BIND vulnerability CVE-2014-3214
Security Advisory Description The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a DNS query that triggers a response with unspecified attributes...
K15933: NTP vulnerability CVE-2014-9296
Security Advisory Description The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets. CVE-2014-9296 Impact None. No F5...
K05909237: BouncyCastle Java crypto vulnerability CVE-2017-13098
Security Advisory Description BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE Java Cryptography Extension for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private...
K21435974: TMUI XSS vulnerability CVE-2021-23037
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2021-23037 Impact An attacker may exploit this...
K66504414: Foomatic vulnerability CVE-2010-5325
Security Advisory Description Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a long job title. CVE-2010-5325 Impact There ...
K02360853: NTP vulnerabilities CVE-2015-5194 and CVE-2015-5195
Security Advisory Description CVE-2015-5194 The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands. CVE-2015-5195 ntpopenssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attacke...
K21632201: Linux kernel vulnerability CVE-2011-5321
Security Advisory Description The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via crafted acce...
K000130541: Grub2 vulnerability CVE-2022-28734
Security Advisory Description Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte...
K64571774: BIG-IP virtual server TCP sequence numbers vulnerability CVE-2020-5947
Security Advisory Description On specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. CVE-2020-5947 Impact Attackers may be able to spoof TCP packet...
K11509465: Apache mod_http2 vulnerability CVE-2018-1302
Security Advisory Description When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usua...
SOL37540306 - Mozilla Network Security Services use-after-free vulnerability CVE-2016-1978
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL21485342 - Configuration utility CSRF vulnerability
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL47006155 - libTIFF vulnerability CVE-2016-3990
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL52439336 - FreeType vulnerabilities CVE-2014-9746 and CVE-2014-9747
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL48448204 - PHP vulnerability CVE-2016-6207
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL14510263 - IPv6 Neighbor Discovery crafted packet vulnerability CVE-2016-1409
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL43205719 - NTP input validation vulnerability CVE-2016-1550
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL09052213 - glibc vulnerability CVE-2015-8777
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL21230183 - NTP vulnerability CVE-2015-7976
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL11785283 - GnuPG vulnerability CVE-2012-6085
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL49580002 - BIG-IP file validation vulnerability CVE-2015-8021
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17445 - Linux kernel vulnerability CVE-2015-4700
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17255 - D-Bus vulnerability CVE-2014-3477
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL17181 - BIND vulnerability CVE-2015-5722
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17218 - Libvirt vulnerability CVE-2014-8135
The storageVolUpload function in storage/storagedriver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service NULL pointer dereference and daemon crash via a crafted offset value in a "virsh vol-upload" command. CVE-2014-8135...
SOL17047 - ICMP packet processing vulnerability CVE-2015-5058
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17126 - Apache Struts vulnerability CVE-2014-7809
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16865 - GNU C Library (glibc) vulnerability CVE-2015-1781
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Although the BIG-IP, BIG-IQ, and Enterprise Manager software contains the vulnerable code, BIG-IP, BIG-IQ, and Enterprise...
SOL16879 - Apache Portable Runtime vulnerability CVE-2011-1928
The fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service infinite loop via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...
SOL16819 - Linux kernel vulnerability CVE-2015-3331
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16704 - cURL and libcurl vulnerability CVE-2015-3143
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column...
SOL16428 - setroubleshoot vulnerability CVE-2015-1815
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16344 - Apache Tomcat vulnerability CVE-2014-0227
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...