CVE-2016-9244 – F5 BIG-IP SSL Virtual Server - 'Ticketbleed' Memory Disclosure
https://notcve.org/view.php?id=CVE-2016-9244
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well. Un servidor virtual BIG-IP configurado con un perfil Client SSL que tiene la opción Session Tickets no predeterminada habilitada podría perder hasta 31 portes de la memoria no inicializada. Un atacante remoto puede explotar esta vulnerabilidad para obtener los IDs de sesión Secure Sockets Layer (SSL) de otras sesiones. • https://www.exploit-db.com/exploits/41298 https://www.exploit-db.com/exploits/44446 http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html http://www.securityfocus.com/bid/96143 http://www.securitytracker.com/id/1037800 https://blog.filippo.io/finding-ticketbleed https://filippo.io/Ticketbleed https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py https://support.f5.com/csp/article/K05121675 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-5022
https://notcve.org/view.php?id=CVE-2016-5022
F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1 HF1; BIG-IP PSM 11.2.x before 11.2.1 HF16, 11.3.x, and 11.4.0 through 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0; and iWorkflow 2.0.0, when Packet Filtering is enabled on virtual servers and possibly self IP addresses, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) and possibly have unspecified other impact via crafted network traffic. F5 BIG-IP LTM, Analytics, APM, ASM y Link Controller 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 HF1 y 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP DNS 12.x en versiones anteriores a 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 11.2.x en versiones anteriores a 11.2.1 HF16 y 11.3.0; BIG-IP GTM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1 HF1; BIG-IP PSM 11.2.x en versiones anteriores a 11.2.1 HF16, 11.3.x y 11.4.0 hasta la version 11.4.1; Enterprise Manager 3.1.1; BIG-IQ Cloud and Security 4.0.0 hasta la version 4.5.0; BIG-IQ Device 4.2.0 hasta la version 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 5.0.0; BIG-IQ Cloud and Orchestration 1.0.0 y iWorkflow 2.0.0, cuando Packet Filtering está habilitado en servidores virtuales y posiblemente en direcciones IP automáticas, permite a atacantes remotos provocar una denegación de servicio (reinicio de Traffic Management Microkernel) y posiblemente tener otro impacto no especificado a través de tráfico de red manipulado. • http://www.securitytracker.com/id/1036709 http://www.securitytracker.com/id/1036710 https://support.f5.com/kb/en-us/solutions/public/k/06/sol06045217.html • CWE-284: Improper Access Control •
CVE-2016-6876
https://notcve.org/view.php?id=CVE-2016-6876
The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.0.0 before HF3; BIG-IP DNS 12.0.0 before HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 10.2.1 through 10.2.4 and 11.2.1; BIG-IP GTM 10.2.1 through 10.2.4, 11.2.1, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 10.2.1 through 10.2.4 and 11.4.0 through 11.4.1 allows remote DNS servers to cause a denial of service (CPU consumption or Traffic Management Microkernel crash) via a crafted PTR response. El comando RESOLV::lookup iRule en F5 BIG-IP LTM, APM, ASM y Link Controller 10.2.1 hasta la versión 10.2.4, 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP AAM, AFM y PEM 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP Analytics 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2, 11.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF3; BIG-IP DNS 12.0.0 en versiones anteriores a HF3; BIG-IP Edge Gateway, WebAccelerator y WOM 10.2.1 hasta la versión 10.2.4 y 11.2.1; BIG-IP GTM 10.2.1 hasta la versión 10.2.4, 11.2.1, 11.4.x, 11.5.x en versiones anteriores a 11.5.4 HF2 y 11.6.x en versiones anteriores a 11.6.1; y BIG-IP PSM 10.2.1 hasta la versión 10.2.4 y 11.4.0 hasta la versión 11.4.1 permite a servidores DNS remotos provocar una denegación de servicio (consumo de CPU o caída de Traffic Management Microkernel) a través de una respuesta PTR manipulada. • http://www.securitytracker.com/id/1036725 https://support.f5.com/kb/en-us/solutions/public/k/52/sol52638558.html • CWE-399: Resource Management Errors •
CVE-2016-5023
https://notcve.org/view.php?id=CVE-2016-5023
Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic. Servidores virtuales en sistemas F5 BIG-IP 11.2.1 HF11 hasta la versión HF15, 11.4.1 HF4 hasta la versión HF10, 11.5.3 hasta la versión 11.5.4, 11.6.0 HF5 hasta la versión HF7 y 12.0.0, cuando se configura con un perfil TCP, permiten a atacantes remotos provocar una denegación de servicio (reinicio de Traffic Management Microkernel) a través de tráfico de red manipulado. • http://www.securityfocus.com/bid/92670 http://www.securitytracker.com/id/1036624 https://support.f5.com/kb/en-us/solutions/public/k/19/sol19784568.html • CWE-284: Improper Access Control •
CVE-2016-1497
https://notcve.org/view.php?id=CVE-2016-1497
The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy Manager (APM) access logs via unspecified vectors. La utilidad Configuration en sistemas F5 BIG-IP 11.0.x, 11.1.x, 11.2.x en versiones anteriores a11.2.1 HF16, 11.3.x, 11.4.x en versiones anteriores a 11.4.1 HF10, 11.5.x en versiones anteriores a 11.5.4 HF2, 1.6.x en versiones anteriores a 11.6.1 y 12.0.0 en versiones anteriores a HF1 permite a administradores remotos leer registros de acceso Access Policy Manager (APM) a través de vectores no especificados. • http://www.securityfocus.com/bid/92671 http://www.securitytracker.com/id/1036631 https://support.f5.com/kb/en-us/solutions/public/k/31/sol31925518.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •