6413 matches found
K05295501: libssh vulnerability CVE-2020-1730
Security Advisory Description A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when...
K63675293: NTP vulnerability CVE-2016-1548
Security Advisory Description An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c wi...
K41107914: iControl REST vulnerability CVE-2016-9251
Security Advisory Description In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection. CVE-2016-9251 Impact An authenticated attacker may be able to cause an escalation of privileges through a crafte...
K84408873: Infinispan vulnerability CVE-2019-10174
Security Advisory Description A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new,...
K79240502: BIG-IP ASM Bot Detection DNS cache does not expire security exposure
Security Advisory Description When BIG-IP ASM Bot Detection is configured, the BIG-IP ASM system performs a reverse DNS lookup to determine if bot traffic classified as legitimate is, in fact, from those services for example, Google. These DNS responses are cached indefinitely until the Traffic...
K6535: Denial of service vulnerability in GnuPG - CVE-2006-3082
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K70204455: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2016-0640 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier allows local users to affect integrity and availability via vectors related to DML. CVE-2016-0642 Unspecified vulnerability in Oracle MySQL 5.5.48 a...
K48448204: PHP vulnerability CVE-2016-6207
Security Advisory Description Integer overflow in the gdContributionsAlloc function in gdinterpolation.c in GD Graphics Library aka libgd before 2.2.3 allows remote attackers to cause a denial of service out-of-bounds memory write or memory consumption via unspecified vectors. CVE-2016-6207 Impac...
K25165813: BIG-IP SSL connection Alert Timeout security exposure
Security Advisory Description The mitigation for K41515225: BIG-IP SSL connection security exposure may not work in all conditions. If after applying the workaround in K41515225: BIG-IP SSL connection security exposure, setting the Alert Timeout to its minimum value of 1 second, you continue to...
K2104: Buffer read overflow in DNS resolver libraries - CAN-2002-1146
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K17444: libXfont vulnerabilities CVE-2015-1802, CVE-2015-1803, and CVE-2015-1804
Security Advisory Description CVE-2015-1802 The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly execute arbitrary code via a 1 negative or ...
K17445: Linux kernel vulnerability CVE-2015-4700
Security Advisory Description The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT...
K16976: PHP vulnerability CVE-2015-1352
Security Advisory Description The buildtablename function in pgsql.c in the PostgreSQL aka pgsql extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service. CVE-2015-1352 Impact There is no impact; F5 products are...
K16950: SQLite vulnerability CVE-2015-3416
Security Advisory Description The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service integer overflow and stack-based buffer overfl...
K16946: Boost memory allocator vulnerability CVE-2012-2677
Security Advisory Description Integer overflow in the orderedmalloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to ...
K17446: Linux kernel vulnerability CVE-2015-0777
Security Advisory Description drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 aka the Xen 3.4.x support patches for the Linux kernel 2.6.18, as used in the Linux kernel 2.6.x and 3.x in SUSE Linux distributions, allows guest OS users to obtain sensitive information from uninitialized...
K17449: Apache Struts 2 vulnerability CVE-2015-5169
Security Advisory Description Cross-site scripting XSS vulnerability in Apache Struts before 2.3.20. CVE-2015-5169 When debug mode is switched on in Apache Struts, under certain conditions, an arbitrary script may be executed in the 'Problem Report' screen. Affected versions are Struts 2.0.0 -...
K17447: Linux kernel UDF vulnerabilities CVE-2014-9728, CVE-2014-9729, and CVE-2014-9730
Security Advisory Description CVE-2014-9728 The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service buffer over-read and system crash via a crafted filesystem image, related to fs/udf/inode.c and...
K17448: OpenSSH vulnerability CVE-2001-1473
Security Advisory Description The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target...
K89941125: mod_auth_openidc vulnerability CVE-2021-20718
Security Advisory Description modauthopenidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service DoS condition via unspecified vectors. CVE-2021-20718 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development ha...
K82350223: MySQL vulnerabilities CVE-2018-2766, CVE-2018-2769, CVE-2018-2771, CVE-2018-2773, and CVE-2018-2775
Security Advisory Description CVE-2018-2766 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
K16285: OpenSSL vulnerability CVE-2012-2110
Security Advisory Description The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory...
K50462644: Linux kernel vulnerability CVE-2016-5343
Security Advisory Description drivers/soc/qcom/qdsp6v2/voicesvc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of service memory corruption or...
K17120: Linux kernel vulnerability CVE-2014-8134
Security Advisory Description The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirtenabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that rea...
K6919: Cross-site scripting vulnerability in my.activation.php3 CVE-2007-3097
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K6916: Case change in URL host name circumvents Accessibility Scope
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K17218: Libvirt vulnerability CVE-2014-8135
Security Advisory Description The storageVolUpload function in storage/storagedriver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service NULL pointer dereference and daemon crash via a crafted offset value in a "virsh vol-upload"...
K17213: Apache vulnerability CVE-2002-0392
Security Advisory Description Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. CVE-2002-0392 Impact There is no impact; F...
K16983: PCRE library vulnerability CVE-2015-2325
Security Advisory Description PCRE library is prone to a heap overflow vulnerability. Due to insufficient bounds checking inside compilebranch, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applicatio...
K16984: PCRE library vulnerability CVE-2015-2326
Security Advisory Description PCRE library is prone to a vulnerability which leads to Heap overflow. Without enough bound checking inside pcrecompile2, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many...
K16442: MIT Kerberos 5 vulnerability CVE-2014-9422
Security Advisory Description The checkrpcsecauth function in kadmin/server/kadmrpcsvc.c in kadmind in MIT Kerberos 5 aka krb5 through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/ authorization check and obtain administrative access...
K16429: Linux kernel vulnerability CVE-2015-0239
Security Advisory Description The emsysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service guest OS crash by triggering use of a 16-bit code...
K15702: SSLv3 vulnerability CVE-2014-3566
Security Advisory Description A flaw in the design of Secure Socket Layer SSL version 3.0 has been discovered that may allow a network attacker to force a client to negotiate an SSL handshake using SSL version 3.0 ciphers instead of Transport Layer Security TLS version 1.x ciphers. The attacker c...
K15369: OpenSSL vulnerability CVE-2009-0591
Security Advisory Description The CMSverify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually...
K15341: BIG-IP ASM Virtual Edition may run out of memory under certain DoS conditions
Security Advisory Description The BIG-IP ASM system limits the maximum number of concurrent requests with large payloads 10,000 bytes or larger by default to 100, using the maxconcurrentlongrequest internal parameter. The BIG-IP ASM system drops new requests with large payloads once this limit is...
K15358: OpenSSL vulnerability CVE-2009-0590
Security Advisory Description The ASN1STRINGprintex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service invalid memory access and application crash via vectors that trigger printing of a 1 BMPString or 2 UniversalString with an invalid encoded length...
K15350: OpenSSL vulnerability CVE-2008-1672
Security Advisory Description OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service crash via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference. CVE-2008-1672 Impact None. No F5 produc...
K15300: Apache HTTP Server mod_dav DoS vulnerability CVE-2013-6438
Security Advisory Description The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE...
K30150004: The attack signature check may fail to detect and block malicious requests
Security Advisory Description The web application firewall attack signature check may fail to detect and block malicious request containing certain decimal-coded characters. This issue occurs when all of the following conditions are met: You are using one of the following web application firewall...
K72813580: glibc vulnerabilities CVE-2017-1000408 and CVE-2017-1000409
Security Advisory Description CVE-2017-1000408 A memory leak in glibc 2.1.1 released on May 24, 1999 can be reached and amplified through the LDHWCAPMASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366. CVE-2017-100040...
K6365: Multiple DNS vulnerabilities VU#955777
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K6806: ClamAV UPX heap overflow Vulnerability - CVE-2006-4018
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K14410: Multiple MySQL vulnerabilities
Security Advisory Description For BIG-IP systems using the MySQL database, the following MySQL vulnerabilities may allow local users to gain knowledge of sensitive information, manipulate certain data, or cause a Denial of Service DoS: CVE-2011-2262 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101...
K51591999: Multiple Java vulnerabilities CVE-2020-14562, CVE-2020-14573, CVE-2020-14578, CVE-2020-14579, CVE-2020-14581, CVE-2020-14593
Security Advisory Description CVE-2020-14562 Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols ...
K48131150: Linux kernel vulnerability CVE-2019-19065
Security Advisory Description A memory leak in the sdmainit function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption by triggering rhashtableinit failures, aka CID-34b3be18a04e. CVE-2019-19065 Impact There is n...
K4532: gzip vulnerabilities CAN-2005-0758, CAN-2005-0988, and CAN-2005-1228
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K8108: OpenSSL vulnerability CVE-2007-3108
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K8106: OpenSSL SSL_get_shared_ciphers vulnerability CVE-2007-5135
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K2452: Vulnerabilities in the HTTP TRACE method - VU#867593
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K16196: MCPQ vulnerability CVE-2014-6031
Security Advisory Description MCPQ has been found to suffer from a remote buffer overflow vulnerability. The vulnerability is available to authenticated administrative users only. CVE-2014-6031 Impact Exploitation of these vulnerabilities may allow a malicious, authenticated user to cause a...