cnvd - cnvd-2017-22319

cnvd-2017-22319

Vulnerability from cnvd

Title

多款F5产品缓冲区溢出漏洞

Description

F5 BIG-IPLTM等都是美国F5公司的产品。LTM是一款本地流量管理器；APM是一套提供安全统一访问关键业务应用和网络的解决方案。多款F5产品存在缓冲区溢出漏洞。远程攻击者可利用该漏洞造成拒绝服务。

Severity

中

Patch Name

多款F5产品缓冲区溢出漏洞的补丁

Patch Description

F5 BIG-IPLTM等都是美国F5公司的产品。LTM是一款本地流量管理器；APM是一套提供安全统一访问关键业务应用和网络的解决方案。多款F5产品存在缓冲区溢出漏洞。远程攻击者可利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://support.f5.com/csp/article/K16196

Reference

https://support.f5.com/csp/article/K16196

Impacted products

Name
['F5 ARX', 'F5 BIG-IP Edge Gateway >=11.0.0', 'F5 BIG-IQ Device', 'F5 BIG-IQ Cloud', 'F5 BIG-IP LTM 11.6.0', 'F5 BIG-IP AAM 11.6.0', 'F5 BIG-IP AFM 11.6.0', 'F5 BIG-IP Analytics 11.6.0', 'F5 BIG-IP APM 11.6.0', 'F5 BIG-IP ASM 11.6.0', 'F5 BIG-IP Link Controller 11.6.0', 'F5 BIG-IP PEM 11.6.0', 'F5 BIG-IP GTM 11.6.0', 'F5 FirePass', 'F5 WebSafe', 'F5 LineRate', 'F5 BIG-IQ Security', 'F5 BIG-IQ ADC', 'F5 BIG-IP DNS', 'F5 Traffix-SDC', 'F5 Enterprise Manager >=3.0.0，<=HF4', 'F5 Enterprise Manager >=2.1.0，<=2.3.0', 'F5 BIG-IP WOM >=11.0.0，<=11.3.0', 'F5 BIG-IP WOM >=10.0.0，<=10.2.4', 'F5 BIG-IP WebAccelerator >=11.0.0，<=11.3.0', 'F5 BIG-IP WebAccelerator >=10.0.0，<=10.2.4', 'F5 BIG-IP PSM >=11.0.0，<=11.4.1', 'F5 BIG-IP PSM >=10.0.0，<=10.2.4', 'F5 BIG-IP PEM >=11.3.0，<=11.5.2', 'F5 BIG-IP Link Controller >=11.0.0，<=11.5.2', 'F5 BIG-IP Link Controller >=10.0.0，<=10.2.4', 'F5 BIG-IP GTM >=11.0.0，<=11.5.2', 'F5 BIG-IP GTM >=10.0.0，<=10.2.4', 'F5 BIG-IP Edge Gateway >=10.1.0，<=10.2.4', 'F5 BIG-IP ASM >=11.0.0，<=11.5.2', 'F5 BIG-IP ASM >=10.0.0，<=10.2.4', 'F5 BIG-IP APM >=11.0.0，<=11.5.2', 'F5 BIG-IP APM >=10.1.0，<=10.2.4', 'F5 BIG-IP Analytics >=11.0.0，<=11.5.2', 'F5 BIG-IP AFM >=11.3.0，<=11.5.2', 'F5 BIG-IP AAM >=11.4.0，<=11.5.2', 'F5 BIG-IP LTM >=11.0.0，<=11.5.2', 'F5 BIG-IP LTM >=10.0.0，<=10.2.4']

Name

['F5 ARX', 'F5 BIG-IP Edge Gateway >=11.0.0', 'F5 BIG-IQ Device', 'F5 BIG-IQ Cloud', 'F5 BIG-IP LTM 11.6.0', 'F5 BIG-IP AAM 11.6.0', 'F5 BIG-IP AFM 11.6.0', 'F5 BIG-IP Analytics 11.6.0', 'F5 BIG-IP APM 11.6.0', 'F5 BIG-IP ASM 11.6.0', 'F5 BIG-IP Link Controller 11.6.0', 'F5 BIG-IP PEM 11.6.0', 'F5 BIG-IP GTM 11.6.0', 'F5 FirePass', 'F5 WebSafe', 'F5 LineRate', 'F5 BIG-IQ Security', 'F5 BIG-IQ ADC', 'F5 BIG-IP DNS', 'F5 Traffix-SDC', 'F5 Enterprise Manager >=3.0.0，<=HF4', 'F5 Enterprise Manager >=2.1.0，<=2.3.0', 'F5 BIG-IP WOM >=11.0.0，<=11.3.0', 'F5 BIG-IP WOM >=10.0.0，<=10.2.4', 'F5 BIG-IP WebAccelerator >=11.0.0，<=11.3.0', 'F5 BIG-IP WebAccelerator >=10.0.0，<=10.2.4', 'F5 BIG-IP PSM >=11.0.0，<=11.4.1', 'F5 BIG-IP PSM >=10.0.0，<=10.2.4', 'F5 BIG-IP PEM >=11.3.0，<=11.5.2', 'F5 BIG-IP Link Controller >=11.0.0，<=11.5.2', 'F5 BIG-IP Link Controller >=10.0.0，<=10.2.4', 'F5 BIG-IP GTM >=11.0.0，<=11.5.2', 'F5 BIG-IP GTM >=10.0.0，<=10.2.4', 'F5 BIG-IP Edge Gateway >=10.1.0，<=10.2.4', 'F5 BIG-IP ASM >=11.0.0，<=11.5.2', 'F5 BIG-IP ASM >=10.0.0，<=10.2.4', 'F5 BIG-IP APM >=11.0.0，<=11.5.2', 'F5 BIG-IP APM >=10.1.0，<=10.2.4', 'F5 BIG-IP Analytics >=11.0.0，<=11.5.2', 'F5 BIG-IP AFM >=11.3.0，<=11.5.2', 'F5 BIG-IP AAM >=11.4.0，<=11.5.2', 'F5 BIG-IP LTM >=11.0.0，<=11.5.2', 'F5 BIG-IP LTM >=10.0.0，<=10.2.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2014-6031"
    }
  },
  "description": "F5 BIG-IPLTM\u7b49\u90fd\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4ea7\u54c1\u3002LTM\u662f\u4e00\u6b3e\u672c\u5730\u6d41\u91cf\u7ba1\u7406\u5668\uff1bAPM\u662f\u4e00\u5957\u63d0\u4f9b\u5b89\u5168\u7edf\u4e00\u8bbf\u95ee\u5173\u952e\u4e1a\u52a1\u5e94\u7528\u548c\u7f51\u7edc\u7684\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u591a\u6b3eF5\u4ea7\u54c1\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "F5 Networks, Inc.",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.f5.com/csp/article/K16196",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-22319",
  "openTime": "2017-08-22",
  "patchDescription": "F5 BIG-IPLTM\u7b49\u90fd\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4ea7\u54c1\u3002LTM\u662f\u4e00\u6b3e\u672c\u5730\u6d41\u91cf\u7ba1\u7406\u5668\uff1bAPM\u662f\u4e00\u5957\u63d0\u4f9b\u5b89\u5168\u7edf\u4e00\u8bbf\u95ee\u5173\u952e\u4e1a\u52a1\u5e94\u7528\u548c\u7f51\u7edc\u7684\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u591a\u6b3eF5\u4ea7\u54c1\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eF5\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "F5 ARX",
      "F5 BIG-IP Edge Gateway \u003e=11.0.0",
      "F5 BIG-IQ Device",
      "F5 BIG-IQ Cloud",
      "F5 BIG-IP LTM 11.6.0",
      "F5 BIG-IP AAM 11.6.0",
      "F5 BIG-IP AFM 11.6.0",
      "F5 BIG-IP Analytics 11.6.0",
      "F5 BIG-IP APM 11.6.0",
      "F5 BIG-IP ASM 11.6.0",
      "F5 BIG-IP Link Controller 11.6.0",
      "F5 BIG-IP PEM 11.6.0",
      "F5 BIG-IP GTM 11.6.0",
      "F5 FirePass",
      "F5 WebSafe",
      "F5 LineRate",
      "F5 BIG-IQ Security",
      "F5 BIG-IQ ADC",
      "F5 BIG-IP DNS",
      "F5 Traffix-SDC",
      "F5 Enterprise Manager \u003e=3.0.0\uff0c\u003c=HF4",
      "F5 Enterprise Manager  \u003e=2.1.0\uff0c\u003c=2.3.0",
      "F5 BIG-IP WOM \u003e=11.0.0\uff0c\u003c=11.3.0",
      "F5 BIG-IP WOM  \u003e=10.0.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP WebAccelerator \u003e=11.0.0\uff0c\u003c=11.3.0",
      "F5 BIG-IP WebAccelerator  \u003e=10.0.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP PSM \u003e=11.0.0\uff0c\u003c=11.4.1",
      "F5 BIG-IP PSM  \u003e=10.0.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP PEM \u003e=11.3.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP Link Controller \u003e=11.0.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP Link Controller  \u003e=10.0.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP GTM \u003e=11.0.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP GTM  \u003e=10.0.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP Edge Gateway  \u003e=10.1.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP ASM \u003e=11.0.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP ASM  \u003e=10.0.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP APM \u003e=11.0.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP APM  \u003e=10.1.0\uff0c\u003c=10.2.4",
      "F5 BIG-IP Analytics \u003e=11.0.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP AFM \u003e=11.3.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP AAM \u003e=11.4.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP LTM \u003e=11.0.0\uff0c\u003c=11.5.2",
      "F5 BIG-IP LTM  \u003e=10.0.0\uff0c\u003c=10.2.4"
    ]
  },
  "referenceLink": "https://support.f5.com/csp/article/K16196",
  "serverity": "\u4e2d",
  "submitTime": "2017-07-07",
  "title": "\u591a\u6b3eF5\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2014-6031 (GCVE-0-2014-6031)

Vulnerability from cvelistv5

Published

2017-06-08 16:00

Modified

2024-08-06 12:03

Severity ?

CWE

Summary

Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors.

References

URL

Tags

https://support.f5.com/csp/article/K16196

x_refsource_CONFIRM