SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   F5 BIG-IP Vendors:   F5 Networks
F5 BIG-IP Flaw in TCP Fast Open and Tail Loss Probe Options Lets Remote Users Cause the Target Service to Crash
SecurityTracker Alert ID:  1040046
SecurityTracker URL:  http://securitytracker.com/id/1040046
CVE Reference:   CVE-2017-6136   (Links to External Site)
Date:  Dec 22 2017
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 12.x, 13.x
Description:   A vulnerability was reported in F5 BIG-IP. A remote user can cause the target service to crash.

A remote user can send specially crafted traffic to the target virtual server to trigger an unspecified flaw and cause the Traffic Management Microkernel (TMM) to restart, disrupting traffic processing.

Systems with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile are affected.

The vendor has assigned ID 659791 to this vulnerability.

Impact:   A remote user can cause the target TMM to restart, disrupting traffic processing.
Solution:   The vendor has issued a fix (12.1.3, 13.1.0).

The vendor advisory is available at:

https://support.f5.com/csp/article/K81137982

Vendor URL:  support.f5.com/csp/article/K81137982 (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC