SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   F5 BIG-IP Vendors:   F5 Networks
F5 BIG-IP TCP Packet Processing Flaw Lets Remote Users Deny Service
SecurityTracker Alert ID:  1038409
SecurityTracker URL:  http://securitytracker.com/id/1038409
CVE Reference:   CVE-2017-6137   (Links to External Site)
Date:  May 6 2017
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in F5 BIG-IP. A remote user can cause denial of service conditions on the target system.

A remote user can send a specially crafted sequence of packets to cause the target Traffic Management Microkernel (TMM) to be disrupted.

Systems with software SYN cookie protection, TMM fast forward, and TCP segmentation offload (TSO) enabled are affected.

In addition, a remote user can cause the high-speed bridge (HSB) to lockup. Models 3900, 6900, 8900, 8950, 11000, and 11050 are affected.

The vendor has assigned ID 635412 to this vulnerability.

Impact:   A remote user can cause the target TMM to be disrupted.
Solution:   The vendor has issued a fix.

A workaround is also described in the vendor advisory.

The vendor advisory is available at:

https://support.f5.com/csp/article/K82851041

Vendor URL:  support.f5.com/csp/article/K82851041 (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC