6396 matches found
SOL20804323 - NTP vulnerability CVE-2016-2518
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL21057235 - libpng out-of-bounds read vulnerability CVE-2015-7981
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL74435036 - libGraphite vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL19157044 - libtirpc vulnerability CVE-2013-1950
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL60352002 - SNTP vulnerability CVE-2015-5219
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17529 - NTP vulnerability CVE-2015-7703
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17449 - Apache Struts 2 vulnerability CVE-2015-5169
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17386 - vCMP DoS vulnerability CVE-2015-6546
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading the vCMP host to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than...
SOL17256 - D-Bus vulnerability CVE-2014-3638
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The D-Bus daemon is only for package dependency reasons. The impact of the D-Bus daemon becoming unavailable is close to...
SOL17235 - PCRE library vulnerability CVE-2015-3210
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL17114 - NTP vulnerability CVE-2015-5146
A flaw was found in the way ntpd processed certain remote configuration packets. CVE-2015-5146 - pending An attacker could use a specially crafted package to cause ntpd to become unresponsive when all of the following conditions are met: The ntpd configuration has enabled remote configuration. Th...
SOL16871 - logrotate vulnerability CVE-2011-1155
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16870 - logrotate vulnerability CVE-2011-1154
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16876 - Mount (seunshare_mount) vulnerability CVE-2011-1101
CVE-2011-1101 The seunsharemount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux RHEL 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the...
SOL16831 - BSD regex library vulnerability CVE-2015-2305
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16718 - libTIFF vulnerability CVE-2010-2596
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16506 - NTP vulnerability CVE-2015-1799
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15797 - Linux kernel vulnerability CVE-2012-4461
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...
SOL15652 - SASL vulnerability CVE-2009-0688
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15622 - wolfSSL CyaSSL vulnerability CVE-2013-1623
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL167: Downloading software a...
SOL15541 - OpenSSL vulnerability CVE-2014-3509
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15516 - LZ4 compression vulnerability CVE-2014-4715
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15348 - OpenSSL DTLS Buffer vulnerability CVE-2009-1387
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15355 - OpenSSL DTLS Buffer vulnerability CVE-2009-1379
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...
SOL15351 - OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15341 - BIG-IP ASM Virtual Edition may run out of memory under certain DoS conditions
Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability, you can perform one or more of the following procedures, depending on the traffic...
SOL15310 - Data Manager SQL Injection Remote Code Execution vulnerability CVE-2014-2949
Vulnerability Recommended Actions To mitigate this vulnerability, you can stop the Data Manager Service when not in use. To do so, perform the following procedure: Impact of action: Performing the following procedure should not have a negative impact on your system. 1. Log in as admin to Data...
SOL15180 - OpenSSL vulnerability CVE-2013-4353
Recommended action You can eliminate this vulnerability by running a version listed in the Versions known to be not vulnerable column. If the column does not list a version that is newer than the version you are running, then no upgrade candidate currently exists. To mitigate this vulnerability,...
SOL12953 - A Cross-Site Scripting (XSS) vulnerability exists in the BIG-IP ASM Web Scraping feature
To determine if the BIG-IP ASM configuration contains any vulnerable security policies, check whether the policies configured on the system have the Web Scraping feature set to Block. To do so, open the Configuration utility and navigate to Application Security Policy List policyname Blocking...
SOL8923 - Linux kernel vulnerability CVE-2007-2875
A flaw in the cpuset support allows a local user to obtain sensitive information from kernel memory. Information about this advisory is available at the following location:...
SOL8700 - Remote web service buffer overflow vulnerability
F5 has determined that a buffer overflow vulnerability exists in FirePass web services that provide User access, which could allow a remote attacker to gain privileged access to the FirePass controller. Web services providing User access can be identified by the U in the Services column on the...
SOL1907 - mod_ssl and Apache_SSL buffer overflow - CAN-2002-0082
Information about this vulnerability can be found at the following location:...
SOL6535 - Denial of service vulnerability in GnuPG - CVE-2006-3082
F5 Product Development tracked this issue as CR66994, CR66995, and CR66996 and it was fixed in BIG-IP 9.1.3, 9.3.0, and 9.4.0. For information about upgrading, refer to the BIG-IP LTM, ASM, GTM, Link Controller, or WebAccelerator release notes. F5 Product Development tracked this issue and it was...
K000141503: Intel UEFI vulnerability CVE-2023-42772
Security Advisory Description Untrusted pointer dereference in UEFI firmware for some IntelR reference processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-42772 Impact There is no impact; F5 products are not affected by this vulnerabilit...
K000140061: BIG-IP monitors vulnerability CVE-2024-45844
Security Advisory Description BIG-IP monitor functionality may allow an authenticated attacker with at least Manager role privileges to elevate their privileges and/or modify the configuration. CVE-2024-45844 Impact This vulnerability may allow an authenticated attacker with Manager role privileg...
K000141046: Python PyPA vulnerability CVE-2022-40897
Security Advisory Description Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py. CVE-2022-40897 Impact...
K000139901: PyYAML vulnerability CVE-2017-18342
Security Advisory Description In PyYAML before 5.1, the yaml.load API could execute arbitrary code if used with untrusted data. The load function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function. CVE-2017-18342 Impact A...
K000139685: Python vulnerability CVE-2023-40217
Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the...
K000139667: MySQL vulnerability CVE-2024-21056
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ...
K000139340: Apache Tomcat vulnerability CVE-2024-22029
Security Advisory Description A flaw was found in the Tomcat package of OpenSUSE and derived distributions. This issue occurs due to incorrect permissions and a race condition in the %post section of the Tomcat RPM package, resulting in local privilege escalation when the Tomcat package is...
K000138704: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2024-20964 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with...
K98606833: BIG-IP and BIG-IQ scp vulnerability CVE-2024-21782
Security Advisory Description BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy scp utility but do not have access to Advanced Shell bash can execute arbitrary commands with a specially crafted command string. This vulnerability is due to an...
K000137522: BIG-IP iControl REST vulnerability CVE-2024-22093
Security Advisory Description When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. A successful exploit can allow the attacker to cross a security boundary. CVE-2024-22093 Impact This...
K000134516: BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability CVE-2024-23979
Security Advisory Description When an SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. CVE-2024-23979 Impact System performance can...
K000135873: BIG-IP Websockets vulnerability CVE-2024-21849
Security Advisory Description When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM process to terminate. CVE-2024-21849 Impact Traffic is disrupted while the TMM process restarts...
K000138425: SQLite vulnerability CVE-2023-7104
Security Advisory Description A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow...
K000137940: Multiple Oracle MySQL vulnerabilities
Security Advisory Description CVE-2023-22015 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access...
K000137790: Linux kernel vulnerability CVE-2023-3609
Security Advisory Description A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in...
K000137187: GlibC vulnerability CVE-2023-4911
Security Advisory Description A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with...
K000136011: Apache Tomcat Open Redirect vulnerability CVE-2023-41080
Security Advisory Description URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.9...