The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of F5 BIG-IP TMOS

vulnerability announce CVE-2019-1125

Intel 64-bit CPU: information disclosure via SWAPGS

Synthesis of the vulnerability

A local attacker can read a memory fragment via SWAPGS on Intel 64-bit CPUs, in order to obtain sensitive information.
Impacted products: SNS, Arkoon FAST360, Debian, BIG-IP Hardware, TMOS, Fedora, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 2019, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, NETASQ, OpenBSD, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 07/08/2019.
Identifiers: CERTFR-2019-AVI-375, CERTFR-2019-AVI-376, CERTFR-2019-AVI-381, CERTFR-2019-AVI-390, CERTFR-2019-AVI-391, CERTFR-2019-AVI-392, CERTFR-2019-AVI-417, CERTFR-2019-AVI-418, CERTFR-2019-AVI-428, CERTFR-2019-AVI-440, CVE-2019-1125, DLA-1884-1, DLA-1885-1, DSA-4495-1, DSA-4497-1, FEDORA-2019-6bda4c81f4, FEDORA-2019-e37c348348, K31085564, openSUSE-SU-2019:1923-1, openSUSE-SU-2019:1924-1, RHSA-2019:2405-01, RHSA-2019:2411-01, RHSA-2019:2473-01, RHSA-2019:2476-01, RHSA-2019:2600-01, RHSA-2019:2609-01, RHSA-2019:2695-01, RHSA-2019:2696-01, RHSA-2019:2730-01, SSA:2019-226-01, STORM-2019-007, SUSE-SU-2019:14157-1, SUSE-SU-2019:2068-1, SUSE-SU-2019:2069-1, SUSE-SU-2019:2070-1, SUSE-SU-2019:2071-1, SUSE-SU-2019:2072-1, SUSE-SU-2019:2073-1, SUSE-SU-2019:2262-1, SUSE-SU-2019:2263-1, SUSE-SU-2019:2299-1, SWAPGS, Synology-SA-19:32, USN-4093-1, USN-4094-1, USN-4095-1, USN-4095-2, USN-4096-1, VIGILANCE-VUL-29962.

vulnerability bulletin CVE-2009-5155

glibc: assertion error via parse_reg_exp

Synthesis of the vulnerability

An attacker can force an assertion error via parse_reg_exp() of glibc, in order to trigger a denial of service.
Impacted products: BIG-IP Hardware, TMOS, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 18/07/2019.
Identifiers: CVE-2009-5155, K64119434, SUSE-SU-2019:1877-1, SUSE-SU-2019:1958-1, SUSE-SU-2019:1958-2, VIGILANCE-VUL-29823.

computer vulnerability CVE-2019-10639

Linux kernel: information disclosure via net_hash_mix

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via net_hash_mix() of the Linux kernel, in order to obtain sensitive information.
Impacted products: Debian, BIG-IP Hardware, TMOS, Linux, openSUSE Leap, RSA Authentication Manager, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading.
Provenance: internet server.
Creation date: 08/07/2019.
Identifiers: CERTFR-2019-AVI-330, CERTFR-2019-AVI-337, CERTFR-2019-AVI-392, CERTFR-2019-AVI-419, CERTFR-2019-AVI-441, CVE-2019-10639, DLA-1862-1, DLA-1885-1, DSA-2019-133, DSA-4497-1, K32804955, openSUSE-SU-2019:1716-1, openSUSE-SU-2019:1757-1, SUSE-SU-2019:1823-1, SUSE-SU-2019:1823-2, SUSE-SU-2019:1851-1, SUSE-SU-2019:1852-1, SUSE-SU-2019:1854-1, SUSE-SU-2019:1855-1, USN-4115-1, USN-4115-2, USN-4118-1, VIGILANCE-VUL-29705.

vulnerability bulletin 29683

F5 BIG-IP DNS: denial of service via DNSSEC

Synthesis of the vulnerability

An attacker can trigger a fatal error via DNSSEC of F5 BIG-IP DNS, in order to trigger a denial of service.
Impacted products: BIG-IP Hardware, TMOS.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: internet server.
Creation date: 04/07/2019.
Identifiers: K00724442, VIGILANCE-VUL-29683.

vulnerability CVE-2019-6642

F5 BIG-IP: privilege escalation via TMOS Shell File Upload

Synthesis of the vulnerability

An attacker can bypass restrictions via TMOS Shell File Upload of F5 BIG-IP, in order to escalate their privileges.
Impacted products: BIG-IP Hardware, TMOS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 28/06/2019.
Identifiers: CVE-2019-6642, K40378764, VIGILANCE-VUL-29650.

computer vulnerability announce CVE-2018-20843

Expat: infinite loop via XML Names Large Colons

Synthesis of the vulnerability

An attacker can trigger an infinite loop via XML Names Large Colons of Expat, in order to trigger a denial of service.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, WebSphere AS Traditional, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 27/06/2019.
Identifiers: 964768, CVE-2018-20843, DLA-1839-1, DSA-4472-1, FEDORA-2019-139fcda84d, FEDORA-2019-18868e1715, K51011533, openSUSE-SU-2019:1777-1, SUSE-SU-2019:1834-1, SUSE-SU-2019:1835-1, USN-4040-1, USN-4040-2, VIGILANCE-VUL-29637.

computer vulnerability alert CVE-2019-9070

binutils: information disclosure via d_expression_1

Synthesis of the vulnerability

An attacker can read a memory fragment via d_expression_1() of binutils, in order to obtain sensitive information.
Impacted products: BIG-IP Hardware, TMOS.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 27/05/2019.
Identifiers: CVE-2019-9070, K13534168, VIGILANCE-VUL-29416.

computer vulnerability CVE-2019-9077

binutils: buffer overflow via process_mips_specific

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via process_mips_specific() of binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: BIG-IP Hardware, TMOS.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server, denial of service on service.
Provenance: document.
Creation date: 27/05/2019.
Identifiers: CVE-2019-9077, K00056379, VIGILANCE-VUL-29415.

computer vulnerability CVE-2019-9075

binutils: buffer overflow via bfd_archive_64_bit_slurp_armap

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via bfd_archive_64_bit_slurp_armap() of binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: BIG-IP Hardware, TMOS.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 24/05/2019.
Identifiers: CVE-2019-9075, K42059040, VIGILANCE-VUL-29405.

vulnerability note CVE-2019-9074

binutils: NULL pointer dereference via bfd_getl32

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via bfd_getl32() of binutils, in order to trigger a denial of service.
Impacted products: BIG-IP Hardware, TMOS.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 24/05/2019.
Identifiers: CVE-2019-9074, K09092524, VIGILANCE-VUL-29404.
