6294 matches found
K17121: Linux network subsystem vulnerabilities CVE-2014-8160, CVE-2014-8172, CVE-2014-8173, CVE-2014-9428, CVE-2014-9644, CVE-2015-0274, and CVE-2015-2041
Security Advisory Description CVE-2014-8160 net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended...
K17112: ikiwiki cross-site scripting via openid_identifier vulnerability CVE-2015-2793
Security Advisory Description ikiwiki cross-site scripting via openididentifier pending - CVE-2015-2793 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has assigned ID 534146 BIG-IP, Enterprise Manager, and ARX to this...
K17132: Linux kernel vulnerability CVE-2014-8133
Security Advisory Description arch/x86/kernel/tls.c in the Thread Local Storage TLS implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easier for local users to bypass the ASLR protection mechanism, via a craft...
K34102110: BIND vulnerability CVE-2021-25218
Security Advisory Description In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affec...
K03544414: Running a CTU Diagnostics Report may leave elevated command prompt after report generation
Security Advisory Description This issue occurs when all of the following conditions are met: You run one of the following BIG-IP Edge Client for Windows versions: 7.2.1 or later 7.1.9.7 or later 7.1.8.4 or later You run the Client Troubleshooting Utility CTU Diagnostics Report with administrator...
K16354: Multiple JavaSE client-side vulnerabilities
Security Advisory Description CVE-2014-6601 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. CVE-2015-0412 Unspecified vulnerability in Oracle Java SE 6u85, 7u72,...
K16355: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2015-0382 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381. CVE-2015-0381...
K7859: Multiple PHP vulnerabilities
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K16300: Multiple OpenSSL vulnerabilities CVE-2015-0207, CVE-2015-0208, CVE-2015-0285, CVE-2015-0290, CVE-2015-0291, and CVE-2015-1787
Security Advisory Description CVE-2015-0207 The dtls1listen function in d1lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the state information of independent data streams, which allows remote attackers to cause a denial of service application crash via crafted DTLS traffic, as...
K15761: Multiple PHP 5.x vulnerabilities
Security Advisory Description CVE-2014-2497 The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file. CVE-2014-3597 Multipl...
K15746: Linux kernel vulnerability CVE-2012-4542
Security Advisory Description Description block/scsiioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SGIO ioctl call that leverages overlapping...
K15748: BIND vulnerability CVE-2010-0290
Security Advisory Description Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by...
K15735: SMB vulnerability CVE-2014-7145
Security Advisory Description The SMB2tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service NULL pointer dereference and client system crash or possibly have unspecified other impact by deleting the IPC$ share during resolutio...
K15751: OpenSSH vulnerability CVE-2007-0726
Security Advisory Description The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break...
K15729: Associative array vulnerability CVE-2014-3631
Security Advisory Description The assocarraygc function in the associative-array implementation in lib/assocarray.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service NULL pointer dereference and system crash or...
K47405432: Infineon Trusted Platform Module Vulnerable RSA Generation vulnerability CVE-2017-15361
Security Advisory Description The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module TPM firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attacke...
K36926027: NGINX Controller vulnerability CVE-2021-23021
Security Advisory Description The agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644. CVE-2021-23021 Impact Local attackers are able to obtain the sensitive data, such as the API key. Security Advisory Status F5 Product Development...
K15904: Multiple third-party application-server vulnerabilities
Security Advisory Description CVE-2003-1418 Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via 1 the ETag header, which reveals the inode number, or 2 multipart MIME boundary, which reveals child proccess IDs PID. CVE-2004-2320 The...
K15478: PHP vulnerability CVE-2012-2386
Security Advisory Description Integer overflow in the pharparsetarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted tar file that triggers...
K15429: Apache Tomcat vulnerability CVE-2014-0119
Security Advisory Description Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to 1 read arbitrary files via a crafted web application that...
K15426: Apache Tomcat vulnerability CVE-2014-0075
Security Advisory Description Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service resource consumption via a...
K15417: OpenSSL vulnerability CVE-2012-0050
Security Advisory Description Description OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service crash via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix f...
K16714: PHP vulnerabilities CVE-2015-2301 and CVE-2015-2331
Security Advisory Description CVE-2015-2301 Use-after-free vulnerability in the pharrenamearchive function in pharobject.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempt...
K12253: PHP vulnerability CVE-2010-2225
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K03332436: The BIG-IP DNS Configuration utility may erroneously display the TSIG key secret in plain text form
Security Advisory Description The BIG-IP DNS Configuration utility may erroneously display the Transaction Signature TSIG key secret in plain text form. This issue occurs when all of the following conditions are met: You configure a TSIG key in the BIG-IP DNS system. You use the Configuration...
K16515: JBoss vulnerability CVE-2015-0279
Security Advisory Description JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language EL expressions and execute arbitrary Java code via the do parameter. CVE-2015-0279 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Stat...
K15984: Linux kernel vulnerability CVE-2013-7265
Security Advisory Description The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory...
K15967: glibc and eglibc vulnerability CVE-2011-2702
Security Advisory Description Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 SSSE3 optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to 1 memcpy-ssse3-rep.S, 2...
K15958: Ghostscript BaseFont vulnerability CVE-2008-6679
Security Advisory Description Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service ps2pdf crash and possibly execute arbitrary code via a crafted Postscript file. CVE-2008-6679 Impact None. No F5...
K15936: NTP vulnerability CVE-2014-9295
Security Advisory Description Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to 1 the cryptorecv function when the Autokey Authentication feature is used, 2 the ctlputdata function, and 3 the configu...
K16353: Multiple JavaSE server-side vulnerabilities CVE-2015-0383, CVE-2015-0410, and CVE-2014-6593
Security Advisory Description CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. CVE-2015-0410...
K16318: OpenSSL vulnerability CVE-2015-0287
Security Advisory Description The ASN1itemexd2i function in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service invalid wri...
K16323: OpenSSL vulnerability CVE-2015-0209
Security Advisory Description Use-after-free vulnerability in the d2iECPrivateKey function in crypto/ec/ecasn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service memory corruption and application...
K8938: BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K4944: SSL decryption vulnerabilities CR47778, CR48873, CR53987, and CR54002
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K8178: MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K31130692: GNU Guile vulnerabilities CVE-2016-8605 and CVE-2016-8606
Security Advisory Description CVE-2016-8605 The mkdir procedure of GNU Guile temporarily changed the process umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode...
K31336596: GnuTLS vulnerability CVE-2017-5334
Security Advisory Description Double free vulnerability in the gnutlsx509extimportproxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information...
K5857: Client certificate check vulnerability in Apache - CVE-2005-2700
Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information on F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...
K5860: GSSAPI authentication vulnerability in OpenSSH - CAN-2005-2798
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K5868: Buffer overflow vulnerability in cURL - CVE-2005-4077
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K32262483: NTP vulnerability CVE-2017-6451
Security Advisory Description The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an...
K16620: QEMU vulnerability CVE-2015-3456
Security Advisory Description An out-of-bounds memory access flaw, also known as "VENOM," was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially...
K16381: Linux kernel vulnerability CVE-2014-9683
Security Advisory Description Off-by-one error in the ecryptfsdecodefromfilename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted...
K31310492: NTP vulnerability CVE-2017-6460
Security Advisory Description Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response. CVE-2017-6460 Impact Allows remote servers to have...
K17028: PHP vulnerabilities CVE-2015-3411 and CVE-2015-3412
Security Advisory Description CVE-2015-3411 It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions for...
K16380: FreeType vulnerabilities CVE-2014-9656 and CVE-2014-9659
Security Advisory Description CVE-2014-9656 The ttsbitdecoderloadimage function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a...
K15933: NTP vulnerability CVE-2014-9296
Security Advisory Description The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets. CVE-2014-9296 Impact None. No F5...
K15908: Linux kernel mac80211 vulnerability CVE-2014-8709
Security Advisory Description The ieee80211fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets. CVE-2014-8709 Impact None. F5 products...
K13719: Samba vulnerability CVE-2012-1182
Security Advisory Description The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code ...