K14903688: BIG-IP SSL Profile OCSP Authentication security exposure
Security Advisory Description The BIG-IP system does not properly verify the revocation of intermediate CA certificates when querying Online Certificate Status Protocol (OCSP) servers and may allow unauthorized connections. This issue occurs when all of the following conditions are met: You have a...
K19012930: TMM GTP vulnerability CVE-2021-23048
Security Advisory Description When GPRS Tunneling Protocol (GTP) iRules commands or a GTP profile is configured on a virtual server, undisclosed GTP messages can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2021-23048. Impact Traffic is disrupted while the TMM process restarts. Th...
K36300805: BIG-IP FastL4 profile vulnerability
Security Advisory Description Under certain conditions for BIG-IP systems using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), a specific sequence of fragmented packets may restart the Traffic Management Microkernel (TMM). Impact An attacker may be able to disrupt...
K16728: iCall privilege escalation vulnerability CVE-2015-3628
Security Advisory Description An authenticated user, with Resource Administrator role permissions, is able to use iCall scripts and associated handlers to create and modify user account properties. CVE-2015-3628 Impact An authenticated user with limited access (Resource Administration) may be able ...
K20455158: jQuery vulnerability CVE-2019-11358
Security Advisory Description jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype...
K13155201: BIG-IQ HA vulnerability CVE-2021-22995
Security Advisory Description BIG-IQ high availability (HA) when using a Quorum device for automatic failover does not implement any form of authentication with the Corosync daemon. CVE-2021-22995 Impact There are iptables firewall rules in place which prevent arbitrary attackers from connecting...
K13288506: Wget vulnerability CVE-2017-13090
Security Advisory Description The retr.c:fd_read_body() function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then...
K16871: logrotate vulnerability CVE-2011-1155
Security Advisory Description The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is...
K70023694: Linux kernel vulnerability CVE-2021-4154
Security Advisory Description A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container...
K2379: Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K7005: Overview of MNIN/NNL-Labs Advisory
Security Advisory Description A January 2007 security advisory by Michael Ligh and Greg Sinclair describes several security issues present in some versions of FirePass software. The advisory can be found at the following location: http://mnin.org/advisories/2007firepass.pdf F5 has issued a series...
K16870: logrotate vulnerability CVE-2011-1154
Security Advisory Description The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a...
K1648: OpenSSH array overflow - CAN-2002-0083
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K6881: SSHv1 vulnerabilities CVE-2006-4924
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K6876: OpenSSH vulnerabilities CVE-2006-5052
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K16396: GnuPG vulnerability CVE-2013-4576
Security Advisory Description GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryptio...
K16475: Multiple Sun Java vulnerabilities
Security Advisory Description CVE-2007-3655 Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file. CVE-2007-3716 The Java XML...
K16473: Linux Kernel vulnerability CVE-2010-0007
Security Advisory Description net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and...
K17494: PAM vulnerability CVE-2015-3238
Security Advisory Description The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password. CVE-2015-3238 Impact This vulnerabili...
K16470: Linux kernel vulnerability CVE-2002-0510
Security Advisory Description The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. CVE-2002-0510 Impact There is no impact; F5 products are not...
K16471: Linux kernel vulnerability CVE-2010-0415
Security Advisory Description The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying ...
K59395527: Intel processor vulnerability CVE-2021-33150
Security Advisory Description Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2021-33150 Impact There is no impact; F5 products are not...
K13279: PHP vulnerability CVE-2009-4017
Security Advisory Description Prior to PHP 5.2.12, and in the 5.3.x branch prior to 5.3.1, the scripting language does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial-of-service resource exhaustio...
K15795: Linux kernel vulnerability CVE-2014-7284
Security Advisory Description The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof o...
K15794: ICMP vulnerability CVE-2004-0791
Security Advisory Description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack". CVE-2004-07...
K15793: PHP Posthandler vulnerability CVE-2014-3622
Security Advisory Description A security vulnerability in the PHP scripting language may allow remote code execution by way of the Post Handler. CVE-2014-3622 - pending Impact None. F5 products do not use vulnerable versions of PHP. Security Advisory Status F5 Product Development has assigned ID...
K15792: Path MTU discovery vulnerability CVE-2004-1060
Security Advisory Description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP "Fragmentation Needed and Don't Fragment was Set" packets with a l...
K52510343: ICMP PMTU messages are forwarded to the server side when the TCP proxy-mss setting is enabled in the associated profile
Security Advisory Description This issue occurs when all of the following conditions are met: Internet Control Message Protocol (ICMP) path maximum transmission unit (PMTU) messages are forwarded through the BIG-IP system running on the affected versions. OneConnect or SNAT is configured and actively...
K12852: BIND vulnerability CVE-2010-3615
Security Advisory Description Note: For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note: Versions that are not listed in this Solution have not been evaluated for...
K11533: OpenSSL vulnerability CVE-2010-0740
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K9875: BIG-IP management interface vulnerability CVE-2008-6474
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K81732330: Poppler vulnerability CVE-2013-4473
Security Advisory Description Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename. CVE-2013-4473 Impact There is no impact; F5...
K81002094: PHP vulnerability CVE-2015-4148
Security Advisory Description The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an...
K71021401: Oracle Java SE vulnerability CVE-2018-2796
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...
K92002212: TMM vulnerability CVE-2019-6676
Security Advisory Description Traffic Management Microkernel (TMM) may restart on BIG-IP Virtual Edition (VE) when using virtio direct descriptors and packets 2 KB or larger. CVE-2019-6676 Impact Some virtio backend implementations send large packets (2 KB or larger) even when Large Offload Receive (LRO)...
K91240217: Linux kernel vulnerability CVE-2019-19076
Security Advisory Description A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. CVE-2019-19076 Impact There is no impact; F5...
K11922628: NGINX Controller sensitive command-line arguments vulnerability CVE-2020-5866
Security Advisory Description The helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as command-line arguments. CVE-2020-5866 Impact The affected script causes sensitive items to display in the system process listing (ps, top) while the helper.s...
K5534: Apache mod_proxy message format vulnerability CAN-2004-0700
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K05046514: NTP vulnerability CVE-2015-7979
Security Advisory Description NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client. CVE-2015-7979 Impact An attacker may exploit this...
K40507733: The BIG-IP APM logon page may expose an XSS security risk
Security Advisory Description This issue occurs when all of the following conditions are met: You configure an authentication, authorization, and accounting (AAA) agent after a logon page agent in the access policy. You configure the AAA agent with a Max Logon Attempts Allowed value higher than 1...
K15648: PHP vulnerability CVE-2014-2020
Security Advisory Description ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string f...
K15637: GnuTLS vulnerability CVE-2013-2116
Security Advisory Description The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service (buffer over-read and crash) via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. CVE-2013-2116...
K15605: XML Entity Injection vulnerability CVE-2014-6032
Security Advisory Description Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and...
K15604: Multiple rsync vulnerabilities
Security Advisory Description Following are descriptions of various rsync vulnerabilities: CVE-2006-2083 Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes th...
K98009539: PHP/PCRE vulnerability CVE-2016-1283
Security Advisory Description The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?R?R?RR?R\97?J?J?R?R\99|:?|?R\kR|?RHRRHR/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer...
K15388: OpenSSL vulnerability CVE-2011-4108
Security Advisory Description The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack. CVE-2011-4108 Impact BIG-IP hosts may be...
K15376: OpenSSL 0.9.8k vulnerability CVE-2009-0789
Security Advisory Description OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service (invalid memory access and application crash) by placing this structure in the public key of a...
K16416: GNU C library strxfrm/strcoll overflow vulnerabilities
Security Advisory Description The GNU C glibc strxfrm function is prone to a remote integer-overflow vulnerability that leads to buffer overflow vulnerability. The GNU C glibc strcoll function is prone to a stack-based buffer-overflow vulnerability. Impact A locally authenticated attacker could r...
K54130510: TMM DIAMETER vulnerability CVE-2018-5522
Security Advisory Description When processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may restart. CVE-2018-5522 Impact This vulnerability allows for a remote unauthorized disruption of service by way of an unspecified DIAMETER packet. Security Advisory Status F5...
K16011: Linux kernel vulnerability CVE-2012-6657
Security Advisory Description The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw...