Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.140222
Category:F5 Local Security Checks
Title:F5 BIG-IP - TCP IPv6 vulnerability CVE-2016-9252
Summary:The Traffic Management Microkernel (TMM) in F5 BIG-IP systems before; 11.5.4 HF3, 11.6.x before 11.6.1 HF2, and 12.x.x before 12.1.2 do not properly handle minimum path MTU; options for IPv6, which allows remote attackers to cause a denial of service (DoS) through unspecified vectors.
Description:Summary:
The Traffic Management Microkernel (TMM) in F5 BIG-IP systems before
11.5.4 HF3, 11.6.x before 11.6.1 HF2, and 12.x.x before 12.1.2 do not properly handle minimum path MTU
options for IPv6, which allows remote attackers to cause a denial of service (DoS) through unspecified vectors.

Vulnerability Impact:
When this vulnerability is exploited, the system may experience a denial-of-service
(DoS) attack, which can cause the TMM process to restart.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-9252
http://www.securitytracker.com/id/1038132
Common Vulnerability Exposure (CVE) ID: CVE-2016-9244
BugTraq ID: 96143
http://www.securityfocus.com/bid/96143
https://www.exploit-db.com/exploits/41298/
http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html
https://blog.filippo.io/finding-ticketbleed/
https://filippo.io/Ticketbleed/
https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py
http://www.securitytracker.com/id/1037800
Common Vulnerability Exposure (CVE) ID: CVE-2015-8240
http://www.securitytracker.com/id/1035367
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.