SOL12851 - BIND vulnerability CVE-2010-3613
This security advisory describes a BIND vulnerability. For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location: Note: The following link will take you to a resource outside of AskF5, and it is possible that the document may be remov...
SOL12852 - BIND vulnerability CVE-2010-3615
For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location: Note: The following link will take you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge:...
SOL12826 - Java Runtime Environment (JRE) vulnerability: CVE-2010-4476
These F5 product versions use the affected Java function to manage traffic in the Configuration utility. However, the system filters the input value to the function so the value falls within an expected range before the system passes data to the function. These expected ranges of data do not...
SOL12793 - GNU C Library vulnerability CVE-2010-4051
The regcomp implementation in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial-of-service (DoS) attack. This applies to GNU C Library versions through 2.11.3, and also versions 2.12.x through 2.12.2. Information about this advisory is available at the...
SOL12794 - GNU C Library vulnerability CVE-2010-4052
Vulnerability description and product information. Stack consumption vulnerability in the regcomp implementation in the GNU C Library (glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service. Information about this advisory is...
SOL12650 - PHP vulnerability CVE-2010-4645
The strtod.c function may allow context-dependent attackers to cause a denial-of-service via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers. Information about this advisory is available at the following location: Note: The previous link...
SOL12636 - Slowloris denial-of-service attack vulnerability CVE-2007-6750
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL12597 - PHP vulnerability CVE-2010-4156
PHP vulnerability CVE-2010-4156 describes a vulnerability where the mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter). Information...
SOL12567 - BIND vulnerability CVE-2010-3614
F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. This security advisory describes a BIND vulnerability. For information about...
SOL12566 - OpenSSL vulnerability CVE-2010-3864
For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:...
SOL12543 - OpenSSL vulnerability CVE-2010-4180
Vulnerability description: OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors...
SOL12253 - PHP vulnerability CVE-2010-2225
PHP vulnerability CVE-2010-2225 describes a use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2. The vulnerability allows remote attackers to execute arbitrary code or obtain sensitive information by way of serialized data, related to the PHP...
SOL12156 - PHP xmlrpc vulnerability - CVE-2010-0397
This security advisory describes a PHP xmlrpc vulnerability. For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed...
SOL11797 - Pre-logon sequence vulnerability to token spoofing
A vulnerability exists in the FirePass pre-logon sequence. Under certain conditions, the FirePass controller can accept the output of a pre-logon sequence check that would have been run on a different computer. This vulnerability would allow an attacker to use the pre-logon token from a workstati...
SOL11795 - Pre-logon sequence vulnerability to Cross-Site Scripting
Cross-site scripting (XSS) vulnerabilities exist in the FirePass pre-logon pages, which are accessible prior to authentication. The affected FirePass pages fail to fully sanitize HTTP request input before the web page content is sent to the browser. By altering the HTTP request input via the posted...
SOL11720 - Samba server vulnerability CVE-2010-2063
A buffer overflow in smbd for Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted field in a packet. Information about this advisory is available at the following location:...
SOL11719 - Mitigating risk from SSH brute force login attacks
Vulnerability Description F5 products and versions that are affected by this Security Advisory F5 Product Development has determined that all products and versions are affected by the issue described in this security advisory. Note: For information about signing up to receive security notice...
SOL11533 - OpenSSL vulnerability CVE-2010-0740
The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. Information about this advisory is...
SOL11503 - BIND 9 vulnerability CVE-2009-0265
BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature. Information about this advisory is available at the following locations: F5...
SOL10905 - NTP vulnerability - CVE-2009-3563
F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of NTP. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. These products are only vulnerable if NTP was manually configured and enabled...
SOL10898 - DNSSEC BIND vulnerability - CVE-2009-4022
Vulnerability description and product information: Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS...
SOL10772 - Linux NULL pointer dereference vulnerability - CVE-2009-2692
Information about this advisory is available at the following location: Note: As a result of a typo, this advisory was also referred to as CVE-2009-2962. Be advised that CVE-2009-2962 was removed as a duplicate of CVE-2009-2692. For information, refer to https://vulners.com/cve/CVE-2009-2962. Th...
SOL10737 - SSL Renegotiation vulnerability - CVE-2009-3555 / VU#120541
A Man in the Middle attack allows an attacker to inject an arbitrary amount of chosen plain text into the application protocol stream data during a secure session renegotiation that uses SSL version 3.x or TLS version 1.x. This may provide an attacker the ability to perform arbitrary actions on...
SOL3631 - Stack-based buffer overflow in Apache - CAN-2004-0488
Vulnerability description and product information: Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code by way of a client certificate with a long...
SOL10674 - Netscape reuse cipher change bug - Qualys QID 38284
A Qualys security audit may report that the BIG-IP management IP address is vulnerable to a NETSCAPE REUSE CIPHER CHANGE BUG. The security audit may produce a report that appears similar to the following example: QID: 38284 CVSS Base: 5 1 Category: General remote services CVSS Temporal: 4.7 CVE...
SOL10509 - Sockstress DoS tool vulnerability CVE-2008-4609
Sockstress DoS tool CVE-2008-4609. The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate...
SOL10417 - BIG-IP ASM and PSM remote buffer overflow exploit
F5 Product Development tracked this issue as CR126690 and it was fixed in BIG-IP ASM and PSM 9.4.8 and 10.1.0. For information about upgrading, refer to the BIG-IP ASM or PSM release notes. Important: This issue was re-introduced in 9.4.8 HF-1, and then fixed in 9.4.8 HF-2 and later as CR133530...
SOL10441 - Microsoft Active Template Library (ATL) vulnerabilities VU#456745
Information about this advisory is available at the following locations: F5 Product Development tracked this issue as ID 296507 (formerly CR125945) for FirePass, and it was fixed in FirePass 6.1.0. For information about upgrading, refer to the FirePass release notes. Obtaining and installing patche...
SOL10366 - BIND vulnerability - CVE-2009-0696
F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. These products are only vulnerable if BIND was manually configured and enabl...
SOL10143 - Cross-Site Scripting Vulnerabilities in the FirePass logon
Cross-site scripting (XSS) vulnerabilities exist in the FirePass logon page, which is accessible prior to authentication. The affected FirePass page fails to fully sanitize HTTP request input before the web page content is sent to the browser. By altering the HTTP request input in the cookie, a...
SOL10020 - Multiple Cross-Site Scripting Vulnerabilities in the FirePass logon and activation pages
It is possible for a remote attacker to create web pages, emails, or other media containing hyperlinks to the vulnerable FirePass web pages. These hyperlinks may include executable code or other malicious data. Following one of these hyperlinks to the FirePass controller could result in...
SOL9988 - libpng vulnerability CVE-2009-0040
Description: The PNG reference library (libpng), as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by way of a crafted PNG file. Information about this advisory is available at the followin...
SOL9990 - icclib vulnerabilities CVE-2009-0583 and CVE-2009-0584
Description: Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library (icclib). Using specially-crafted ICC profiles, an attacker could create a...
SOL9889 - NTP vulnerability CVE-2009-0021
Description: NTP may not properly check the return value from the OpenSSL EVP_VerifyFinal function, which may allow a remote attacker to bypass validation of the certificate chain by way of a malformed SSL/TLS signature for DSA and ECDSA keys. Note: This is a similar vulnerability to CVE-2008-5077...
SOL9913 - Apache Tomcat vulnerability - CVE-2008-4308
Description: The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request. Information about this advisory is...
SOL9875 - BIG-IP management interface vulnerability CVE-2008-6474
The BIG-IP CLI and Web Management Interface are vulnerable to a remote code-injection because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow an attacker to execute arbitrary code with the privileges of the user running the affected application...
SOL9761 - PHP vulnerability - CVE-2008-5557
A heap-based buffer overflow in PHP 4.3.0 through 5.2.6 may allow attackers to execute arbitrary code. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without o...
SOL9762 - OpenSSL vulnerability - CVE-2008-5077
OpenSSL 0.9.8i and earlier versions do not properly check the return value from the EVP_VerifyFinal function. Information about this advisory is available at the following locations: Note: These links take you to a resource outside of AskF5, and it is possible that the information may be removed...
SOL9754 - BIND 9 vulnerability CVE-2009-0025
BIND does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature. Information about this advisory is available at the following location: Note: The previous link takes y...
SOL9642 - Samba vulnerability CVE-2008-1105
Specifically crafted SMB responses can result in a heap overflow in the Samba client code. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
SOL9592 - bzip2 vulnerability CVE-2008-1372
Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge. F5 Product Development tracked this issue as CR114442 and CR107644 for BIG-IP LTM, GTM...
SOL2452 - Vulnerabilities in the HTTP TRACE method - VU#867593
Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to SOL4602: Overview of F5 security vulnerability respons...
SOL9528 - IPv6 Neighbor Discovery Protocol (NDP) vulnerability - CVE-2008-2476 - VU#472363
The IPv6 Neighbor Discovery Protocol (NDP) implementation does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic by way of a spoofed message that modifies the Forward Information Ba...
SOL9243 - Acresso FLEXnet, Macrovision, InstallShield vulnerability VU#837092
Acresso FLEXnet Connect executes scripts that are insecurely retrieved from a remote web server, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Note: Acresso FLEXnet Connect was formerly known as Macrovision FLEXnet Connect, and as InstallShie...
SOL9108 - Apache Tomcat Cross-site scripting (XSS) vulnerability - CVE-2008-1232
A cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML through a crafted string that is used in the message argument to the HttpServletResponse.sendError method...
SOL9107 - OpenSSH vulnerability CVE-2008-1483
Information about this advisory is available at the following locations: Note: The following links take you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
SOL9109 - Apache Tomcat cross-site scripting vulnerability CVE-2008-1947
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML through the name parameter (the hostname attribute) to host-manager/html/add. Information about this advisory is available at the...
SOL9110 - Apache Tomcat information disclosure vulnerability - CVE-2008-2370
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files through a...
SOL9025 - FirePass SNMP DoS vulnerability
This SNMP vulnerability can at most cause DoS of the FirePass SNMP service and cannot cause either unprivileged access to the FirePass controller or DoS of other FirePass services. Information about this advisory is available at the following location: F5 Product Development tracked this issue a...