SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   F5 BIG-IP Vendors:   F5 Networks
F5 BIG-IP ASM and BIG-IP Analytics DNS Profile Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1040559
SecurityTracker URL:  http://securitytracker.com/id/1040559
CVE Reference:   CVE-2018-5505   (Links to External Site)
Date:  Mar 22 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 13.x
Description:   A vulnerability was reported in F5 BIG-IP ASM and BIG-IP Analytics. A remote user can cause denial of service conditions on the target system.

When BIG-IP ASM and BIG-IP Analytics are both provisioned and when the virtual server is configured with a DNS procotol and the Protocol setting is set to 'TCP', a remote user can cause the target Traffic Management Microkernel (TMM) to restart while processing DNS requests.

Virtual servers configured with the Protocols setting set to 'UDP' are not affected.

The vendor has assigned IDs 703517 and ID 705161 to this vulnerability.

Impact:   A remote user can cause the target TMM to restart.
Solution:   F5 has issued a fix (ASM and Analytics 13.1.0.4).

The F5 advisory is available at:

https://support.f5.com/csp/#/article/K23520761

Vendor URL:  support.f5.com/csp/article/K23520761 (Links to External Site)
Cause:   State error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC