CVE-2016-9252
https://notcve.org/view.php?id=CVE-2016-9252
The Traffic Management Microkernel (TMM) in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service (DoS) through unspecified vectors. El Traffic Management Microkernel (TMM) en F5 BIG-IP en versiones anteriores a 11.5.4 HF3, 11.6.x en versiones anteriores a 11.6.1 HF2 y 12.x en versiones anteriores a 12.1.2 no maneja adecuadamente las opciones MTU de ruta mínima para IPv6, lo que permite a atacantes remotos provocar una denegación de servicio (DoS) a través de vectores no especificados. • http://www.securitytracker.com/id/1038132 https://support.f5.com/csp/article/K46535047 • CWE-19: Data Processing Errors •
CVE-2016-7474
https://notcve.org/view.php?id=CVE-2016-7474
In some cases the MCPD binary cache in F5 BIG-IP devices may allow a user with Advanced Shell access, or privileges to generate a qkview, to temporarily obtain normally unrecoverable information. En algunos casos la caché binaria MCPD en dispositivos F5 BIG-IP pueden permitir a un usuario con acceso Advanced Shell, o privilegios generar un qkview, para obtener temporalmente información normalmente irrecuperable. • http://www.securityfocus.com/bid/97198 http://www.securitytracker.com/id/1038133 https://support.f5.com/csp/article/K52180214 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-7468
https://notcve.org/view.php?id=CVE-2016-7468
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db variable value is set to non-default setting "enabled". The default value for the tm.tcpprogressive db variable is "negotiate". An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group. Un atacante remoto no autenticado puede ser capaz de interrumpir los servicios en los dispositivos F5 BIG-IP 11.4.1 - 11.5.4 con con tráfico red maliciosamente manipulado. • http://www.securityfocus.com/bid/97119 http://www.securitytracker.com/id/1038121 https://support.f5.com/csp/article/K13053402 • CWE-284: Improper Access Control •
CVE-2016-6249
https://notcve.org/view.php?id=CVE-2016-6249
F5 BIG-IP 12.0.0 and 11.5.0 - 11.6.1 REST requests which timeout during user account authentication may log sensitive attributes such as passwords in plaintext to /var/log/restjavad.0.log. It may allow local users to obtain sensitive information by reading these files. peticiones F5 BIG-IP 12.0.0 y 11.5.0 - 11.6.1 REST que expiran durante la autenticación de una cuenta de usuario pueden registrar atributos sensibles como contraseñas en plaintext para /var/log/restjavad.0.log. Esto puede permitir a usuarios locales obtener información sensible al leer estos archivos. • http://www.securitytracker.com/id/1037873 https://support.f5.com/csp/article/K12685114 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-9244 – F5 BIG-IP SSL Virtual Server - 'Ticketbleed' Memory Disclosure
https://notcve.org/view.php?id=CVE-2016-9244
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well. Un servidor virtual BIG-IP configurado con un perfil Client SSL que tiene la opción Session Tickets no predeterminada habilitada podría perder hasta 31 portes de la memoria no inicializada. Un atacante remoto puede explotar esta vulnerabilidad para obtener los IDs de sesión Secure Sockets Layer (SSL) de otras sesiones. • https://www.exploit-db.com/exploits/41298 https://www.exploit-db.com/exploits/44446 http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html http://www.securityfocus.com/bid/96143 http://www.securitytracker.com/id/1037800 https://blog.filippo.io/finding-ticketbleed https://filippo.io/Ticketbleed https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py https://support.f5.com/csp/article/K05121675 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •