F5 Enterprise Manager TCP Segment Processing Flaw Lets Remote Users Deny Service
|
SecurityTracker Alert ID: 1035873 |
SecurityTracker URL: http://securitytracker.com/id/1035873
|
CVE Reference:
CVE-2015-8099
(Links to External Site)
|
Date: May 12 2016
|
Impact:
Denial of service via network
|
Vendor Confirmed: Yes
|
Version(s): 3.0.0 - 3.1.1
|
Description:
A vulnerability was reported in F5 Enterprise Manager. A remote user can cause denial of service conditions on the target system.
A remote user can send specially crafted TCP segment to trigger denial of service conditions on the target High-Speed Bridge (HSB) data plane.
The control plane is not affected.
Virtual servers that have Software SYN cookies configured for use and activate are affected.
The default configuration is not affected.
|
Impact:
A remote user can cause denial of service conditions on the data plane.
|
Solution:
No solution was available at the time of this entry.
The vendor's advisory is available at:
https://support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html
|
Vendor URL: support.f5.com/kb/en-us/solutions/public/k/35/sol35358312.html (Links to External Site)
|
Cause:
State error
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|