F5 TLS vulnerability (CVE-2016-9244) (Ticketbleed)

🗓️ 10 Feb 2017 00:00:00Reported by RootType

F5 TLS vulnerability (CVE-2016-9244) in certain products allows remote extraction of sensitive information

Reporter	Title	Published	Views	Family All 33
0day.today	F5 BIG-IP 11.6 SSL Virtual Server - Ticketbleed Memory Disclosure Exploit	12 Apr 201800:00	–	zdt
Circl	CVE-2016-9244	15 Feb 202400:48	–	circl
CNVD	F5 TicketBleed Vulnerability in BIG-IP Devices	9 Feb 201700:00	–	cnvd
Check Point Advisories	F5 Big-IP TLS Information Disclosure (Ticketbleed; CVE-2016-9244)	16 Feb 201700:00	–	checkpoint_advisories
CVE	CVE-2016-9244	9 Feb 201715:00	–	cve
Cvelist	CVE-2016-9244	9 Feb 201715:00	–	cvelist
Exploit DB	F5 BIG-IP SSL Virtual Server - 'Ticketbleed' Memory Disclosure	10 Feb 201700:00	–	exploitdb
Exploit DB	F5 BIG-IP 11.6 SSL Virtual Server - 'Ticketbleed' Memory Disclosure	14 Feb 201700:00	–	exploitdb
exploitpack	F5 BIG-IP 11.6 SSL Virtual Server - Ticketbleed Memory Disclosure	14 Feb 201700:00	–	exploitpack
exploitpack	F5 BIG-IP SSL Virtual Server - Ticketbleed Memory Disclosure	10 Feb 201700:00	–	exploitpack


                                                package main

import (
	"crypto/tls"
	"fmt"
	"log"
	"strings"
)

var Target = "example.com:443"

func main() {
	conf := &tls.Config{
		InsecureSkipVerify: true,
		ClientSessionCache: tls.NewLRUClientSessionCache(32),
	}

	conn, err := tls.Dial("tcp", Target, conf)
	if err != nil {
		log.Fatalln("Failed to connect:", err)
	}
	conn.Close()

	conn, err = tls.Dial("tcp", Target, conf)
	if err != nil && strings.Contains(err.Error(), "unexpected message") {
		fmt.Println(Target, "is vulnerable to Ticketbleed")
	} else if err != nil {
		log.Fatalln("Failed to reconnect:", err)
	} else {
		fmt.Println(Target, "does NOT appear to be vulnerable")
		conn.Close()
	}
}

10 Feb 2017 00:00Current

7.8High risk

Vulners AI Score7.8

EPSS0.67474