Test ID:	1.3.6.1.4.1.25623.1.0.140222
Category:	F5 Local Security Checks
Title:	F5 BIG-IP - TCP IPv6 vulnerability CVE-2016-9252
Summary:	The Traffic Management Microkernel (TMM) in F5 BIG-IP systems before; 11.5.4 HF3, 11.6.x before 11.6.1 HF2, and 12.x.x before 12.1.2 do not properly handle minimum path MTU; options for IPv6, which allows remote attackers to cause a denial of service (DoS) through unspecified vectors.
Description:	Summary: The Traffic Management Microkernel (TMM) in F5 BIG-IP systems before 11.5.4 HF3, 11.6.x before 11.6.1 HF2, and 12.x.x before 12.1.2 do not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial of service (DoS) through unspecified vectors. Vulnerability Impact: When this vulnerability is exploited, the system may experience a denial-of-service (DoS) attack, which can cause the TMM process to restart. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-9252 http://www.securitytracker.com/id/1038132 Common Vulnerability Exposure (CVE) ID: CVE-2016-9244 BugTraq ID: 96143 http://www.securityfocus.com/bid/96143 https://www.exploit-db.com/exploits/41298/ http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html https://blog.filippo.io/finding-ticketbleed/ https://filippo.io/Ticketbleed/ https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py http://www.securitytracker.com/id/1037800 Common Vulnerability Exposure (CVE) ID: CVE-2015-8240 http://www.securitytracker.com/id/1035367
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.