SOL4583 - Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790
This vulnerability describes the use of spoofed ICMP packets to affect existing TCP connections. An attacker could cause a TCP connection to be closed or slowed by interfering with the Path MTU Discovery process or by generating one of the following spoofed ICMP messages: Destination unreachable...
SOL5860 - GSSAPI authentication vulnerability in OpenSSH - CAN-2005-2798
CAN-2005-2798: GSSAPI authentication vulnerability in OpenSSH Information about this advisory is available at the following location:...
SOL7005 - Overview of MNIN/NNL-Labs Advisory
Future release Obtaining and installing hotfixes F5 recommends you apply the following hotfixes for your specific FirePass version to address the issues presented in these security advisories: Product | Version | Hotfix ---|---|--- FirePass | 6.0.0 | HF-600-8 or later cumulative hotfix FirePass |...
SOL7164 - Execution of UNIX shell commands from a URL without authentication
A URL that is accessible without first authenticating to the FirePass controller may be modified to inject UNIX shell commands. Under certain conditions, the commands can then be executed with user-level privileges. Any attacker with access to the FirePass logon page can theoretically launch this...
SOL7147 - Execution of UNIX shell commands from the URL in the Admin UI
A URL that is accessible from the Device Management Maintenance Troubleshooting Tools page can be modified to inject UNIX shell commands, which are then executed with user-level privileges. Only FirePass Administrators with permission to access this URL can perform this action. Standard FirePass...
SOL7053 - BIND 9 vulnerabilities - Dereferencing freed fetch context and DNSSEC Validation
This Solution describes vulnerability issues reported in BIND where a remote user can cause denial of service conditions by sending specifically crafted packets to the BIND server. The dereferencing freed fetch context issue results from an issue where the named daemon dereferences a freed fetch...
SOL7009 - Statement on ACL bypass using trailing NULL byte - MNIN/NNL Advisory
A January 2007 security advisory describes several security issues present in some versions of FirePass software. One section in the document, titled ACL Filter bypass with URL de-normalization, states that Portal Access ACL filters can be bypassed if a user appends a trailing NULL byte after the...
SOL6806 - ClamAV UPX heap overflow Vulnerability - CVE-2006-4018
The FirePass controller can be configured to provide anti-virus scanning of files uploaded through Portal Access through the ClamAV open source software. A vulnerability in ClamAV 0.88.4 and earlier versions could allow a remote attacker to crash the scanner process or execute code remotely using...
SOL6923 - LDAP and RADIUS authentication failures can reveal a valid FirePass username
F5 Product Development tracked this issue as CR66767 for FirePass 5.5.1 and CR68628 for FirePass 6.0.0, and it was fixed in FirePass 5.5.2 and 6.0.1. For information about upgrading, refer to the FirePass release notes. Additionally, a hotfix has been issued for FirePass 5.5.1. Customers affected...
SOL6924 - Insertion of special characters in URL path circumvents Accessibility Scope and Access Control Lists
It is possible to bypass the Deny list, configured in the Accessibility Scope section located on the Portal Access: Web Applications: Master Group Settings page, by inserting certain special characters into a URL path. In FirePass version 6.0, this issue also applies to the Deny list configured...
SOL6922 - Decimal-encoded IP address circumvents Accessibility Scope
It is possible to bypass the Deny list configured in the Accessibility Scope section of the Portal Access: Web Applications: Master Group Settings page using a URL with a decimal-encoded IP address. When you log in to the FirePass Webtop, you can enter a URL into the Webtop Address Bar if the...
SOL6920 - Cross-site scripting vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities exist in the FirePass Administrative Console pages. The affected FirePass URLs fail to fully sanitize certain URL arguments before the requested web page content is returned to the browser. It is possible for an attacker to create web pages, email...
SOL6881 - SSHv1 vulnerabilities CVE-2006-4924
This security advisory describes an OpenSSH version 1 vulnerability. When using the SSH version 1 protocol, remote attackers can cause a denial of service in the sshd process in OpenSSH versions prior to version 4.4. This occurs when using an SSH packet that contains duplicate...
SOL6876 - OpenSSH vulnerabilities CVE-2006-5052
This security advisory describes an OpenSSH vulnerability. OpenSSH versions prior to version 4.4, on platforms with GSSAPI enabled, allow remote attackers to determine the validity of usernames through a Generic Security Services Application Program Interface (GSSAPI) authentication abort...
SOL6737 - SHMAT vulnerabilities CVE-2004-0114
This security advisory describes a reference count overflow in SHMAT (CVE-2004-0114). Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
SOL6634 - pam_ldap vulnerability - CVE-2005-2641
This security advisory describes a pam_ldap vulnerability. Clients who are referred to a different server than the server on which they were originally authenticated, with a different TLS encryption requirement, could possibly bypass the new server's TLS requirements. Information about this adviso...
SOL6701 - Possible logon through native RSA SecurID authentication without valid passcode
An issue with the FirePass controller could permit logins without valid RSA SecurID passcodes. Under heavy load conditions, the FirePass controller can enter into a state where an invalid password in the form of the SecurID passcode is accepted if the username is a valid user in a master group...
SOL6736 - OpenSSH vulnerabilities CAN-2006-5051, CAN-2006-4924
This security advisory describes an OpenSSH Signal Handling vulnerability (CVE-2006-5051). A remote attacker could possibly leverage this flaw to cause a denial of service. This security advisory also describes a denial of service bug (CVE-2006-4924) in the OpenSSH sshd server. A remote attacker can...
SOL2593 - Buffer overflow in zlib - CAN-2003-0107
Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to SOL4602: Overview of F5 Networks securi...
SOL6612 - BIND 9: Multiple DoS vulnerabilities VU#697164 and VU#915404
This security advisory describes multiple BIND 9 denial of service vulnerabilities. For information about this advisory, refer to the Internet Systems Consortium website at the following location: F5 Networks Product Development is tracking this issue as ID 314714 (formerly CR68956) and ID 264730...
SOL6592 - Cross-Site Scripting vulnerability in the logon page
A cross-site scripting (XSS) vulnerability exists in the FirePass logon page. The affected FirePass logout URL fails to fully sanitize URL input before the web page content is sent to the browser. It is possible for an attacker to create web pages or emails with URLs that include executable code or...
SOL6535 - Denial of service vulnerability in GnuPG - CVE-2006-3082
F5 Product Development tracked this issue as CR66994, CR66995, and CR66996 and it was fixed in BIG-IP 9.1.3, 9.3.0, and 9.4.0. For information about upgrading, refer to the BIG-IP LTM, ASM, GTM, Link Controller, or WebAccelerator release notes. F5 Product Development tracked this issue and it was...
SOL5794 - Security Advisory: Perl integer sign error in format string processing - CVE-2005-3962
Although F5 Networks products contain versions of Perl that are subject to this vulnerability, this vulnerability can only be exploited by an attacker that has root access. As a result, F5 Networks products are not considered vulnerable. Integer overflow in the format string functionality...
SOL5725 - pam_ldap password policy control vulnerability CAN-2005-2641
The pam_ldap authentication module may allow clients to authenticate with lower security ciphers than are normally required when the clients have been referred from another LDAP server. F5 Product Development tracked this issue as CR54024 and it was fixed in BIG-IP LTM 9.1.3 for the 9.1 software...
SOL5790 - Security Advisory: Apache JServ Protocol vulnerability - JVN#79314822
Apache Tomcat, an implementation of the Java Servlet and JavaServer Pages technologies, contains a vulnerability in processing specific requests. Information about this advisory is available at the following location:...
SOL6365 - Multiple DNS vulnerabilities VU#955777
Vulnerability description: This security advisory describes several potential vulnerabilities in Internet Systems Consortium's Berkeley Internet Name Daemon (BIND). BIND is provided on some F5 Networks products. The potential vulnerabilities include: execution of arbitrary code, denial of service, a...
SOL5718 - IKE version 1 multiple vulnerabilities CERT VU#226364
Description: Multiple vulnerabilities exist in version 1 of the Internet Key Exchange (IKE) protocol. IKE is used in conjunction with other protocols in the IPSec protocol suite to ensure authentication, data integrity and privacy, such as with Virtual Private Network (VPN) tunnels between remote acce...
SOL6075 - Cross-Site Scripting Vulnerability - Secunia Advisory SA19337
For information about the vulnerability described in this security advisory, refer to the following website locations: http://www.securityfocus.com/archive/1/428318/30/0/threaded http://secunia.com/advisories/19337/ http://www.frsirt.com/english/advisories/2006/1036 These vulnerabilities can lead...
SOL3456 - RADIUS authentication bypass vulnerability OpenBSD Security Fix #020
BIG-IP and 3-DNS can be configured to use login_radius for user Command Line Interface (CLI) authentication. When configured in this manner, both products are vulnerable to possible man-in-the-middle attacks that could result in an attacker gaining unauthorized access to the BIG-IP or 3-DNS system...
SOL1648 - OpenSSH array overflow - CAN-2002-0083
Note: By default, BIG-IP and 3-DNS do not have non-root accounts so this vulnerability is not a significant issue for F5 Networks customers. This vulnerability requires that the user already be authenticated on the BIG-IP system in order to assume root access...
SOL4616 - BSD telnet environment vulnerability CAN-2005-0488
SOL4809 - tcpdump vulnerabilities - CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280
F5 Networks Product Development tracked this issue as CR48152 and CR48153 and it was fixed in BIG-IP and 3-DNS version 4.5.13. This issue still exists in the BIG-IP and 3-DNS 4.6 software branch...
SOL4944 - SSL decryption vulnerabilities - CR47778, CR48873, CR53987, CR54002
Workaround: If upgrading is not an immediate option, you can prevent exploitation of these vulnerabilities temporarily by disabling NATIVE ciphers on any clientssl or serverssl profiles that require or request authentication. To do so, add :!NATIVE to the profiles' ciphers option available in the...
SOL4441 - BSD telnet vulnerabilities CAN-2005-0468 and CAN-2005-0469
SOL4532 - gzip vulnerabilities CAN-2005-0758, CAN-2005-0988, and CAN-2005-1228
The vulnerabilities described in this article have been resolved, or do not affect any F5 products. There will be no further updates, unless new information is discovered...
SOL4256 - RADIUS integer overflow vulnerability CAN-2005-0108
SOL4351 - BIND 9.3.0 denial of service vulnerability CAN-2005-0034
BIG-IP versions 9.0 through 9.0.5 contain BIND version 9.3.0 and are vulnerable if BIND is enabled. To enable BIND on the BIG-IP system, you must log in to the command line and configure it manually; you cannot inadvertently enable BIND. Since BIND is disabled by default, most BIG-IP systems are...
SOL1618 - Multiple SNMP vulnerabilities CA-2002-03
Information about this advisory is available at the following location:...
SOL3369 - TCP reassembly queue vulnerability CAN-2004-0171
SOL3284 - Buffer overflows in stub resolver libraries - CAN-2002-0029
The vulnerability described in this article has been resolved, or does not affect any F5 products. There will be no further updates, unless new information is discovered...
SOL3066 - OpenSSH buffer management vulnerability - CA-2003-24
For information about this vulnerability, refer to...
SOL3082 - Multiple vulnerabilities in OpenSSL - CAN-2004-0081, CAN-2004-0079, CAN-2004-0112
F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS 4.5.11 and 4.6.1. Obtaining and installing patches The TA04-078A patch has been issued for BIG-IP and 3-DNS 4.5.9 and 4.6. You may download the TA04-078A patch by navigating to the BIG-IP BIG-IP v4.x 4.5 section of the...
SOL2888 - DNS cache poisoning vulnerability CVE-2003-0914
Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
SOL2773 - Multiple OpenSSH vulnerabilities CA-2003-24, CA-2003-26, and CA-2003-26
CERT Vulnerability Note VU333628 details a buffer management problem in all versions of OpenSSH, prior to version 3.7.1, that may potentially be used by an attacker to gain unauthorized remote access. For information about this vulnerability, refer to...