7 matches found
CVE-2005-0356
CVE-2005-0356 affects F5 BIG-IP BIG-IP LTM 9.0.0–9.0.5; other listed BIG-IP lines are not affected (e.g., 9.1.x, 9.2.x, 9.3.x, 9.4.x, 9.6.x are Not Affected). The issue is described as inadequate validation for TCP segments with PAWS/timestamps, enabling a remote attacker to cause a denial of ser...
CVE-2012-1493
CVE-2012-1493 affects F5 BIG-IP appliances (9.x before 9.4.8-HF5; 10.x before 10.2.4; 11.0.x before 11.0.0-HF2; 11.1.x before 11.1.0-HF3) and Enterprise Manager variants; a single SSH private key is used across different customers and access is not properly restricted, enabling remote SSH logins ...
CVE-1999-1550
CVE-1999-1550 affects F5 BIG/ip 2.1.2 and earlier. The bigconf.conf CGI accepts a target file via the file parameter, enabling remote attackers to read arbitrary files on the affected device. This is the concrete detail reported across CVE listings and Nessus-related entries. There is no informat...
CVE-2005-2245
The provided connected documents confirm a vulnerability in F5 BIG-IP versions 9.0.2 through 9.1 that allows attackers to subvert the authentication of SSL transactions. The root cause and attack vectors are described as unknown, with possible involvement of NATIVE ciphers, but no concrete exploi...
CVE-2008-0265
F5 BIG-IP TMUI (Configuration utility) contains multiple XSS vulnerabilities (CVE-2008-0265) in the SearchString parameter across several list JSPs (list_system.jsp, list_pktfilter.jsp, list_ltm.jsp, resources_audit.jsp, list_asm.jsp, and list.jsp in various dirs). The issue affects BIG-IP LTM/GT...
CVE-2008-1503
CVE-2008-1503 affects F5 BIG-IP 9.4.3 web management interface. The vulnerability is a Cross-site Scripting (XSS) flaw exploitable via user-supplied input in the node object name, or the sysContact/sysLocation SNMP configuration fields (Audit Log XSS). The notes suggest CSRF as a possible related...
CVE-2008-6474
The CVE-2008-6474 issue affects F5 BIG-IP 9.4.3 (management CLI/Web interface). The vulnerability is a remote code-injection where remote authenticated users with Resource Manager privileges can exploit unsanitized input related to Perl EP3 templates to create arbitrary Perl code execution with t...