Malware Devil

Saturday, August 8, 2020

Researchers Revive ‘Foreshadow’ Attack by Extending It Beyond L1 Cache

Foreshadow is the name assigned to three speculative execution flaws reported to Intel shortly after the disclosure in January 2018 of the notorious Meltdown and Spectre vulnerabilities.
https://www.malwaredevil.com/2020/08/08/researchers-revive-foreshadow-attack-by-extending-it-beyond-l1-cache/?utm_source=rss&utm_medium=rss&utm_campaign=researchers-revive-foreshadow-attack-by-extending-it-beyond-l1-cache

Researcher Finds New Office Macro Attacks for MacOS

In most of the macro-based attacks, human intervention on the part of the victim is required at least once, and usually twice.
https://www.malwaredevil.com/2020/08/08/researcher-finds-new-office-macro-attacks-for-macos/?utm_source=rss&utm_medium=rss&utm_campaign=researcher-finds-new-office-macro-attacks-for-macos

Coordinated attack on Reddit spreads pro-Trump messaging | SC Media

Reddit acknowledged the “ongoing incident” and said it is “working on locking down the bad actors and reverting the changes.”
https://www.malwaredevil.com/2020/08/08/coordinated-attack-on-reddit-spreads-pro-trump-messaging-sc-media/?utm_source=rss&utm_medium=rss&utm_campaign=coordinated-attack-on-reddit-spreads-pro-trump-messaging-sc-media

BlueRepli attack lets hackers bypass Bluetooth authentication on Android

With attacks like BlueBorne, KNOB, or BadBlueTooth, cybercriminals have tried to exploit handheld devices to fulfill their nefarious objectives.
https://www.malwaredevil.com/2020/08/08/bluerepli-attack-lets-hackers-bypass-bluetooth-authentication-on-android/?utm_source=rss&utm_medium=rss&utm_campaign=bluerepli-attack-lets-hackers-bypass-bluetooth-authentication-on-android

BEC Campaigns Target Financial Execs via Office 365

A series of business email compromise campaigns has been targeting executives of more than 1,000 companies, most recently in the US and Canada.
https://www.malwaredevil.com/2020/08/08/bec-campaigns-target-financial-execs-via-office-365/?utm_source=rss&utm_medium=rss&utm_campaign=bec-campaigns-target-financial-execs-via-office-365

Facebook open-sources one of Instagram’s security tools

Facebook has formally launched today one of Instagram’s secret tools for finding and fixing bugs in the app’s vast Python codebase.
https://www.malwaredevil.com/2020/08/08/facebook-open-sources-one-of-instagrams-security-tools/?utm_source=rss&utm_medium=rss&utm_campaign=facebook-open-sources-one-of-instagrams-security-tools

Bulgarian police arrest hacker Instakilla

Bulgarian law enforcement has arrested a local hacker going by the name of Instakilla on accusations of hacking, extorting companies, and selling hacked data online.
https://www.malwaredevil.com/2020/08/08/bulgarian-police-arrest-hacker-instakilla/?utm_source=rss&utm_medium=rss&utm_campaign=bulgarian-police-arrest-hacker-instakilla

Online exam tool ProctorU admits breach after hackers leak its database

A data breach has affected almost half a million users of the online examination tool ProctorU, which is widely used by educational institutions worldwide.
https://www.malwaredevil.com/2020/08/08/online-exam-tool-proctoru-admits-breach-after-hackers-leak-its-database/?utm_source=rss&utm_medium=rss&utm_campaign=online-exam-tool-proctoru-admits-breach-after-hackers-leak-its-database

Friday, August 7, 2020

Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

Researchers identified serious flaws in Qualcomm's Snapdragon SoC and the Hexagon DSP architecture that impact nearly half of Android handsets.
https://www.malwaredevil.com/2020/08/07/qualcomm-bugs-open-40-percent-of-android-handsets-to-attack/?utm_source=rss&utm_medium=rss&utm_campaign=qualcomm-bugs-open-40-percent-of-android-handsets-to-attack

FBI Warns Against Netwalker Ransomware

The Netwalker ransomware actors claimed to have pilfered data from Forsee Power, only a week after the FBI warned about the group's increasing attacks.
https://www.malwaredevil.com/2020/08/07/fbi-warns-against-netwalker-ransomware/?utm_source=rss&utm_medium=rss&utm_campaign=fbi-warns-against-netwalker-ransomware

2020-08-07 – Quick post: 3 examples of Emotet infection traffic

https://www.malwaredevil.com/2020/08/07/2020-08-07-quick-post-3-examples-of-emotet-infection-traffic/?utm_source=rss&utm_medium=rss&utm_campaign=2020-08-07-quick-post-3-examples-of-emotet-infection-traffic

2020-07-31 – Traffic analysis exercise – Tecsolutions

https://www.malwaredevil.com/2020/08/07/2020-07-31-traffic-analysis-exercise-tecsolutions/?utm_source=rss&utm_medium=rss&utm_campaign=2020-07-31-traffic-analysis-exercise-tecsolutions

Attackers Horn in on MFA Bypass Options for Account Takeovers

Legacy applications don’t support modern authentication — and cybercriminals know this.
https://www.malwaredevil.com/2020/08/07/attackers-horn-in-on-mfa-bypass-options-for-account-takeovers/?utm_source=rss&utm_medium=rss&utm_campaign=attackers-horn-in-on-mfa-bypass-options-for-account-takeovers

Mirai Botnet Downloader Module Scans For Most Recent Critical Vulnerabilities

Researchers reported a new Mirai botnet downloader that scans for exposed devices—via recently discovered vulnerabilities—for intrusion and payload delivery.
https://www.malwaredevil.com/2020/08/07/mirai-botnet-downloader-module-scans-for-most-recent-critical-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=mirai-botnet-downloader-module-scans-for-most-recent-critical-vulnerabilities

Have I Been Pwned Set to Go Open-Source

Fully opening the door to allow people to contribute to – and notably, tinker with – the code for the data-breach information service will be an entirely next-level effort, according to founder Troy Hunt.
https://www.malwaredevil.com/2020/08/07/have-i-been-pwned-set-to-go-open-source/?utm_source=rss&utm_medium=rss&utm_campaign=have-i-been-pwned-set-to-go-open-source

ESB-2020.2660.2 – UPDATE [Appliance] F5 Networks: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2020.2660.2
            jQuery vulnerability CVE-2020-11022/CVE-2020-11023
                               7 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           BIG-IP
                   BIG-IQ
                   Traffix SDC
Publisher:         F5 Networks
Operating System:  Network Appliance
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Cross-site Scripting            -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-11023 CVE-2020-11022 

Reference:         ESB-2020.2375
                   ESB-2020.2287

Original Bulletin: 
   https://support.f5.com/csp/article/K02453220
   https://support.f5.com/csp/article/K66544153

Comment: This bulletin contains two (2) F5 Networks security advisories.

Revision History:  August 7 2020: Advisories have been updated to include mitigations
                   August 4 2020: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

K02453220:jQuery vulnerability CVE-2020-11022

Security Advisory

Original Publication Date: 04 Aug, 2020

Latest   Publication Date: 06 Aug, 2020

Security Advisory Description

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML
from untrusted sources - even after sanitizing it - to one of jQuery's DOM
manipulation methods (i.e. .html(), .append(), and others) may execute
untrusted code. This problem is patched in jQuery 3.5.0. (CVE-2020-11022)

Impact

This vulnerability may allow cross-site scripting (XSS) attacks because the
jQuery.htmlPrefilter method rewrites self-closing tags (turning <tag/> into
<tag></tag>) in HTML that has already been sanitized, which can change how the
browser parses the result.
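The mechanism behind CVE-2020-11022, shown as an added example that is not part of the F5 advisory or of jQuery's own code. The rxhtmlTag expression and the "<$1></$2>" replacement are what jQuery 3.4.1 applied in jQuery.htmlPrefilter before every .html() or .append() call, reproduced here without jQuery; the payload is a constructed input of the shape reported against jQuery before 3.5.0. The stripRawText and hasEventHandlerElement helpers are an assumption of this example: a deliberately simplified stand-in for the browser's HTML parser that models only the raw-text rule for style and script elements.

```javascript
// Added example, not code from the F5 advisory or from jQuery itself.
// rxhtmlTag and the "<$1></$2>" replacement are what jQuery 3.4.1 applied in
// jQuery.htmlPrefilter before parsing HTML for .html()/.append() (CVE-2020-11022).
const rxhtmlTag =
  /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi;

// jQuery < 3.5.0: a self-closing "<tag ... />" is rewritten to "<tag ...></tag>".
function legacyHtmlPrefilter(html) {
  return html.replace(rxhtmlTag, "<$1></$2>");
}

// jQuery >= 3.5.0: the string is handed to the parser unchanged.
function fixedHtmlPrefilter(html) {
  return html;
}

// Simplified model of one HTML parsing rule (an assumption of this example,
// not a full parser): the content of <style> and <script> is raw text up to
// the first matching end tag, or to the end of input if there is none.
// Returns the markup left outside those raw-text regions.
function stripRawText(html) {
  return html.replace(/<(style|script)\b[^>]*>[\s\S]*?(?:<\/\1\s*>|$)/gi, "");
}

// True when an element carrying an inline event handler (on...=) survives
// outside raw text, i.e. the browser would create it and run the handler.
function hasEventHandlerElement(html) {
  return /<[a-z][^>]*\son[a-z]+\s*=/i.test(stripRawText(html));
}

// Does the untrusted HTML reach an executable element after a given prefilter?
function reachesExecution(prefilter, html) {
  return hasEventHandlerElement(prefilter(html));
}

// Constructed payload of the reported shape. A sanitizer that allows <style>
// sees a single style element whose text is "<style/><img src=x onerror=alert(1)>";
// there is no img element at that point, so the sanitizer lets it through.
const sanitizedInput = "<style><style/><img src=x onerror=alert(1)>";

// Before 3.5.0 the prefilter expands "<style/>" into "<style></style>", which
// closes the raw-text region early and turns the img text into a real element.
const expandedByLegacy = legacyHtmlPrefilter(sanitizedInput);
// expandedByLegacy === "<style><style></style><img src=x onerror=alert(1)>"

if (typeof require !== "undefined" && require.main === module) {
  console.log("jQuery < 3.5.0 prefilter executes handler:", reachesExecution(legacyHtmlPrefilter, sanitizedInput));
  console.log("jQuery 3.5.0 prefilter executes handler: ", reachesExecution(fixedHtmlPrefilter, sanitizedInput));
}
```

fixedHtmlPrefilter is the same no-op that the jQuery 3.5.0 release notes suggest assigning to jQuery.htmlPrefilter on older versions that cannot be upgraded. On the F5 products listed above the vulnerable jQuery copy sits inside the vendor's own TMUI, so that override is not something an administrator can apply; the advisory's mitigation of restricting who can reach the Configuration utility is what remains until a fixed release exists.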

Security Advisory Status

F5 Product Development has assigned ID 928901 and ID 928905 (BIG-IP), ID 933113
(BIG-IQ), and CPF-25202 (Traffix SDC) to this vulnerability.

To determine if your product and version have been evaluated for this
vulnerability, refer to the Applies to (see versions) box. To determine if your
release is known to be vulnerable, the components or features that are affected
by the vulnerability, and for information about releases, point releases, or
hotfixes that address the vulnerability, refer to the following table. For more
information about security advisory versioning, refer to K51812227:
Understanding security advisory versioning.

+------------------+------+----------+----------+--------+------+-------------+
|                  |      |Versions  |Fixes     |        |CVSSv3|Vulnerable   |
|Product           |Branch|known to  |introduced|Severity|score^|component or |
|                  |      |be        |in        |        |1     |feature      |
|                  |      |vulnerable|          |        |      |             |
+------------------+------+----------+----------+--------+------+-------------+
|                  |16.x  |16.0.0    |None      |        |      |             |
|                  +------+----------+----------+        |      |             |
|                  |15.x  |15.0.0 -  |None      |        |      |             |
|                  |      |15.1.0    |          |        |      |             |
|BIG-IP (LTM, AAM, +------+----------+----------+        |      |             |
|Advanced WAF, AFM,|14.x  |14.1.0 -  |None      |        |      |             |
|Analytics, APM,   |      |14.1.2    |          |        |      |TMUI/        |
|ASM, DDHD, DNS,   +------+----------+----------+Medium  |5.7   |Configuration|
|FPS, GTM, Link    |13.x  |13.1.0 -  |None      |        |      |utility,     |
|Controller, PEM,  |      |13.1.3    |          |        |      |iAppsLX      |
|SSLO)             +------+----------+----------+        |      |             |
|                  |12.x  |12.1.0 -  |None      |        |      |             |
|                  |      |12.1.5    |          |        |      |             |
|                  +------+----------+----------+        |      |             |
|                  |11.x  |11.6.1 -  |None      |        |      |             |
|                  |      |11.6.5    |          |        |      |             |
+------------------+------+----------+----------+--------+------+-------------+
|                  |7.x   |7.0.0 -   |None      |        |      |             |
|                  |      |7.1.0     |          |        |      |             |
|BIG-IQ Centralized+------+----------+----------+        |      |TMUI/        |
|Management        |6.x   |6.0.0 -   |None      |Medium  |5.7   |Configuration|
|                  |      |6.1.0     |          |        |      |utility      |
|                  +------+----------+----------+        |      |             |
|                  |5.x   |5.4.0     |None      |        |      |             |
+------------------+------+----------+----------+--------+------+-------------+
|Traffix SDC       |5.x   |5.1.0     |None      |Medium  |6.1   |WebUI        |
+------------------+------+----------+----------+--------+------+-------------+

^1The CVSSv3 score link takes you to a resource outside of AskF5, and it is
possible that the document may be removed without our knowledge.

Security Advisory Recommended Actions

If you are running a version listed in the Versions known to be vulnerable
column, you can eliminate this vulnerability by upgrading to a version listed
in the Fixes introduced in column. If the table lists only an older version
than what you are currently running, or does not list a non-vulnerable version,
then no upgrade candidate currently exists.

Mitigation

To mitigate this vulnerability, you should permit management access to F5
products only over a secure network, and limit shell access to only trusted
users. For more information about securing access to BIG-IP and Enterprise
Manager systems, refer to K13309: Restricting access to the Configuration
utility by source IP address (11.x - 16.x) and K13092: Overview of securing
access to the BIG-IP system.

Supplemental Information

  o K41942608: Overview of security advisory articles
  o K4602: Overview of the F5 security vulnerability response policy
  o K4918: Overview of the F5 critical issue hotfix policy
  o K9502: BIG-IP hotfix and point release matrix
  o K13123: Managing BIG-IP product hotfixes (11.x - 16.x)
  o K15106: Managing BIG-IQ product hotfixes
  o K15113: BIG-IQ hotfix and point release matrix
  o K48955220: Installing an OPSWAT Endpoint Security update on BIG-IP APM
    systems (11.4.x and later)
  o K167: Downloading software and firmware from F5
  o K9970: Subscribing to email notifications regarding F5 products
  o K9957: Creating a custom RSS feed to view new and updated documents

- -------------------------------------------------------------------------------

K66544153:jQuery vulnerability CVE-2020-11023

Security Advisory

Original Publication Date: 04 Aug, 2020

Latest   Publication Date: 06 Aug, 2020

Security Advisory Description

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing
HTML containing <option> elements from untrusted sources - even after
sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(),
.append(), and others) may execute untrusted code. This problem is patched in
jQuery 3.5.0. (CVE-2020-11023)

Impact

Attackers may be able to pass HTML containing <option> elements, resulting in
untrusted code execution.

Security Advisory Status

F5 Product Development has assigned ID 929709 and ID 929717 (BIG-IP), ID 933289
(BIG-IQ), and CPF-25202 (Traffix SDC) to this vulnerability.

To determine if your product and version have been evaluated for this
vulnerability, refer to the Applies to (see versions) box. To determine if your
release is known to be vulnerable, the components or features that are affected
by the vulnerability, and for information about releases, point releases, or
hotfixes that address the vulnerability, refer to the following table. For more
information about security advisory versioning, refer to K51812227:
Understanding security advisory versioning.

+------------------+------+----------+----------+--------+------+-------------+
|                  |      |Versions  |Fixes     |        |CVSSv3|Vulnerable   |
|Product           |Branch|known to  |introduced|Severity|score^|component or |
|                  |      |be        |in        |        |1     |feature      |
|                  |      |vulnerable|          |        |      |             |
+------------------+------+----------+----------+--------+------+-------------+
|                  |16.x  |16.0.0    |None      |        |      |             |
|                  +------+----------+----------+        |      |             |
|                  |15.x  |15.0.0 -  |None      |        |      |             |
|                  |      |15.1.0    |          |        |      |             |
|BIG-IP (LTM, AAM, +------+----------+----------+        |      |             |
|Advanced WAF, AFM,|14.x  |14.1.0 -  |None      |        |      |             |
|Analytics, APM,   |      |14.1.2    |          |        |      |TMUI/        |
|ASM, DDHD, DNS,   +------+----------+----------+Low     |3.3   |Configuration|
|FPS, GTM, Link    |13.x  |13.1.0 -  |None      |        |      |utility,     |
|Controller, PEM,  |      |13.1.3    |          |        |      |iAppsLX      |
|SSLO)             +------+----------+----------+        |      |             |
|                  |12.x  |12.1.0 -  |None      |        |      |             |
|                  |      |12.1.5    |          |        |      |             |
|                  +------+----------+----------+        |      |             |
|                  |11.x  |11.6.1 -  |None      |        |      |             |
|                  |      |11.6.5    |          |        |      |             |
+------------------+------+----------+----------+--------+------+-------------+
|                  |7.x   |7.0.0 -   |None      |        |      |             |
|                  |      |7.1.0     |          |        |      |             |
|BIG-IQ Centralized+------+----------+----------+        |      |TMUI/        |
|Management        |6.x   |6.0.0 -   |None      |Low     |3.3   |Configuration|
|                  |      |6.1.0     |          |        |      |utility      |
|                  +------+----------+----------+        |      |             |
|                  |5.x   |5.4.0     |None      |        |      |             |
+------------------+------+----------+----------+--------+------+-------------+
|Traffix SDC       |5.x   |5.1.0     |None      |Medium  |6.1   |WebUI        |
+------------------+------+----------+----------+--------+------+-------------+

^1The CVSSv3 score link takes you to a resource outside of AskF5, and it is
possible that the document may be removed without our knowledge.

Security Advisory Recommended Actions

If you are running a version listed in the Versions known to be vulnerable
column, you can eliminate this vulnerability by upgrading to a version listed
in the Fixes introduced in column. If the table lists only an older version
than what you are currently running, or does not list a non-vulnerable version,
then no upgrade candidate currently exists.

Mitigation

To mitigate this vulnerability, you should permit management access to F5
products only over a secure network, and limit shell access to only trusted
users. For more information about securing access to BIG-IP and Enterprise
Manager systems, refer to K13309: Restricting access to the Configuration
utility by source IP address (11.x - 16.x) and K13092: Overview of securing
access to the BIG-IP system.

Supplemental Information

  o K41942608: Overview of security advisory articles
  o K4602: Overview of the F5 security vulnerability response policy
  o K4918: Overview of the F5 critical issue hotfix policy
  o K9502: BIG-IP hotfix and point release matrix
  o K13123: Managing BIG-IP product hotfixes (11.x - 16.x)
  o K15106: Managing BIG-IQ product hotfixes
  o K15113: BIG-IQ hotfix and point release matrix
  o K48955220: Installing an OPSWAT Endpoint Security update on BIG-IP APM
    systems (11.4.x and later)
  o K167: Downloading software and firmware from F5
  o K9970: Subscribing to email notifications regarding F5 products
  o K9957: Creating a custom RSS feed to view new and updated documents

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

=cdT9
-----END PGP SIGNATURE-----

https://www.malwaredevil.com/2020/08/07/esb-2020-2660-2-update-appliance-f5-networks-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2660-2-update-appliance-f5-networks-multiple-vulnerabilities

ESB-2020.2721 – [Appliance] WebAccess HMI Designer: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2721
        Advisory (icsa-20-219-02) Advantech WebAccess HMI Designer
                               7 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           WebAccess HMI Designer
Publisher:         US-CERT
Operating System:  Network Appliance
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
                   Access Confidential Data        -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-16229 CVE-2020-16217 CVE-2020-16215
                   CVE-2020-16213 CVE-2020-16211 CVE-2020-16207

Original Bulletin: 
   https://us-cert.cisa.gov/ics/advisories/icsa-20-219-02

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Advisory (ICSA-20-219-02)

Advantech WebAccess HMI Designer

Original release date: August 06, 2020

Legal Notice

All information products included in https://us-cert.gov/ics are provided "as
is" for informational purposes only. The Department of Homeland Security (DHS)
does not provide any warranties of any kind regarding any information contained
within. DHS does not endorse any commercial product or service, referenced in
this product or otherwise. Further dissemination of this product is governed by
the Traffic Light Protocol (TLP) marking in the header. For more information
about TLP, see https://www.us-cert.gov/tlp/.



1. EXECUTIVE SUMMARY

  o CVSS v3 9.8
  o ATTENTION: Exploitable remotely/low skill level to exploit
  o Vendor: Advantech
  o Equipment: WebAccess HMI Designer
  o Vulnerabilities: Heap-based Buffer Overflow, Out-of-bounds Read,
    Out-of-bounds Write, Type Confusion, Stack-based Buffer Overflow, Double
    Free

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to
read/modify information, execute arbitrary code, and/or crash the application.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Advantech WebAccess HMI Designer, a Human Machine
Interface (HMI) runtime development software, are affected:

  o WebAccess HMI Designer Versions 2.1.9.31 and prior

3.2 VULNERABILITY OVERVIEW

3.2.1 HEAP-BASED BUFFER OVERFLOW CWE-122

Multiple heap-based buffer overflow vulnerabilities may be exploited by opening
specially crafted project files that may overflow the heap, which may allow
remote code execution, disclosure/modification of information, or cause the
application to crash.

CVE-2020-16207 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been calculated; the CVSS vector string is
(AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.2.2 OUT-OF-BOUNDS READ CWE-125

An out-of-bounds read vulnerability may be exploited by processing specially
crafted project files, which may allow an attacker to read information.

CVE-2020-16211 has been assigned to this vulnerability. A CVSS v3 base score of
3.3 has been calculated; the CVSS vector string is
(AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).

3.2.3 OUT-OF-BOUNDS WRITE CWE-787

Processing specially crafted project files lacking proper validation of user
supplied data may cause the system to write outside the intended buffer area,
which may allow remote code execution, disclosure/modification of information,
or cause the application to crash.

CVE-2020-16213 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been calculated; the CVSS vector string is
(AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.2.4 ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION') CWE-843

Processing specially crafted project files lacking proper validation of user
supplied data may cause a type confusion condition, which may allow remote code
execution, disclosure/modification of information, or cause the application to
crash.

CVE-2020-16229 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been calculated; the CVSS vector string is
(AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.2.5 STACK-BASED BUFFER OVERFLOW CWE-121

Processing specially crafted project files lacking proper validation of user
supplied data may cause a stack-based buffer overflow, which may allow remote
code execution, disclosure/modification of information, or cause the
application to crash.

CVE-2020-16215 has been assigned to this vulnerability. A CVSS v3 base score of
9.8 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

3.2.6 DOUBLE FREE CWE-415

A double free vulnerability caused by processing specially crafted project
files may allow remote code execution, disclosure/modification of information,
or cause the application to crash.

CVE-2020-16217 has been assigned to this vulnerability. A CVSS v3 base score of
7.8 has been calculated; the CVSS vector string is
(AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

3.3 BACKGROUND

  o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, Energy, Water and
    Wastewater Systems
  o COUNTRIES/AREAS DEPLOYED: East Asia, Europe, United States
  o COMPANY HEADQUARTERS LOCATION: Taiwan

3.4 RESEARCHER

kimiya and Natnael Samson (@NattiSamson) working with Trend Micro's Zero Day
Initiative reported these vulnerabilities to CISA.

4. MITIGATIONS

Advantech has released Version 2.1.9.81 of WebAccess HMI Designer to address
the reported vulnerabilities. Users can download the latest version of
WebAccess HMI Designer.

CISA recommends users take the following measures to protect themselves from
social engineering attacks:

  o Do not click web links or open unsolicited attachments in email messages.
  o Refer to Recognizing and Avoiding Email Scams for more information on
    avoiding email scams.
  o Refer to Avoiding Social Engineering and Phishing Attacks for more
    information on social engineering attacks.

CISA reminds organizations to perform proper impact analysis and risk
assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices
on the ICS webpage on us-cert.gov. Several recommended practices are available
for reading and download, including Improving Industrial Control Systems
Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available
on the ICS webpage on us-cert.gov in the Technical Information Paper,
ICS-TIP-12-146-01B: Targeted Cyber Intrusion Detection and Mitigation
Strategies.

Organizations observing any suspected malicious activity should follow their
established internal procedures and report their findings to CISA for tracking
and correlation against other incidents.

No known public exploits specifically target these vulnerabilities.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

CISA continuously strives to improve its products and services. You can help by
choosing one of the links below to provide feedback about this product.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXyznheNLKJtyKPYoAQiABQ//cnO7kHQdTm3P13X9q875XhqLenSUDZHu
G0+bYSXccBw/ZOItQrDiqYN+Ij7TgUOBREwgI4Yw/xwKFFLELUlVhg/Lkd8oxF52
vMbteCBnD9QQjk1G22LuV1MupYTXKfp1UZpPRUuDs/HW43CQ/Kuyq3UdEdWSMXsk
82oPdcF465scoQUUpRYnyop7a3YFe+y6nr01jR7TzV4OJ5tFfzTZdpigHJn4Z0s2
yHwE2TO9F5CUxegS9BS1N7aYxjc8lJS0pdv+0yyb/+6qjGJPvBJzjrbq8e7UlYbZ
18sLsApGcv8ZPcT6CBxJ0+91QbffETFv5F07QSInKxYnDX7CqJJ3/VaRV8JeFRoF
eURH98uzxemurVBP4qE9LYYVTz/6ib7kbbYjuJDmZdZJ05zxfBcMkjtla7r7cgrv
nNfyK+jJhqsGioutDcoUOOQ3fEWVXTEjPACsUKFUbW1W1elYvNRGvzLsB0i/1Fgq
iCriGKMPltgE2jLqymWyTE75HrhrCJydou4bDHr6DU+LKMaL3Cz69S/HuXIwfWkL
RHiKlCS9HfLY31yLUO5KhWgP8mZBpa0U78QS3cOjJv1PhBX7dZQjQQtA4kwq50/a
lOxZ9/mPLWx3LCfnoLsz/UJHCG9Ghw5CSjyFqGDlbDVC7+6OubBfE/1yCBSQqAvd
t1ifo7973bs=
=TD9U
-----END PGP SIGNATURE-----

https://www.malwaredevil.com/2020/08/07/esb-2020-2721-appliance-webaccess-hmi-designer-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2721-appliance-webaccess-hmi-designer-multiple-vulnerabilities

ESB-2020.2722 – [Appliance] PCRE: Denial of service – Remote/unauthenticated


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2722
                     PCRE vulnerability CVE-2020-14155
                               7 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           PCRE
Publisher:         F5 Networks
Operating System:  Network Appliance
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        None
CVE Names:         CVE-2020-14155  

Reference:         ESB-2020.2265

Original Bulletin: 
   https://support.f5.com/csp/article/K02219239

--------------------------BEGIN INCLUDED TEXT--------------------

K02219239:PCRE vulnerability CVE-2020-14155

Security Advisory

Original Publication Date: 05 Aug, 2020

Security Advisory Description

libpcre in PCRE before 8.44 allows an integer overflow via a large number after
a (?C substring. (CVE-2020-14155)

Impact

An attacker may be able to cause an integer overflow that negatively
impacts applications.

Security Advisory Status

F5 Product Development has assigned ID CPF-25205 and CPF-25206 (Traffix SDC) to
this vulnerability.

To determine if your product and version have been evaluated for this
vulnerability, refer to the Applies to (see versions) box. To determine if your
release is known to be vulnerable, the components or features that are affected
by the vulnerability, and for information about releases, point releases, or
hotfixes that address the vulnerability, refer to the following table. For more
information about security advisory versioning, refer to K51812227:
Understanding security advisory versioning.

+-------------------+------+----------+----------+----------+------+----------+
|                   |      |Versions  |Fixes     |          |CVSSv3|Vulnerable|
|Product            |Branch|known to  |introduced|Severity  |score^|component |
|                   |      |be        |in        |          |1     |or feature|
|                   |      |vulnerable|          |          |      |          |
+-------------------+------+----------+----------+----------+------+----------+
|                   |16.x  |None      |Not       |          |      |          |
|                   |      |          |applicable|          |      |          |
|                   +------+----------+----------+          |      |          |
|                   |15.x  |None      |Not       |          |      |          |
|                   |      |          |applicable|          |      |          |
|BIG-IP (LTM, AAM,  +------+----------+----------+          |      |          |
|Advanced WAF, AFM, |14.x  |None      |Not       |          |      |          |
|Analytics, APM,    |      |          |applicable|Not       |      |          |
|ASM, DDHD, DNS,    +------+----------+----------+vulnerable|None  |None      |
|FPS, GTM, Link     |13.x  |None      |Not       |          |      |          |
|Controller, PEM,   |      |          |applicable|          |      |          |
|SSLO)              +------+----------+----------+          |      |          |
|                   |12.x  |None      |Not       |          |      |          |
|                   |      |          |applicable|          |      |          |
|                   +------+----------+----------+          |      |          |
|                   |11.x  |None      |Not       |          |      |          |
|                   |      |          |applicable|          |      |          |
+-------------------+------+----------+----------+----------+------+----------+
|                   |7.x   |None      |Not       |          |      |          |
|                   |      |          |applicable|          |      |          |
|                   +------+----------+----------+          |      |          |
|BIG-IQ Centralized |6.x   |None      |Not       |Not       |None  |None      |
|Management         |      |          |applicable|vulnerable|      |          |
|                   +------+----------+----------+          |      |          |
|                   |5.x   |None      |Not       |          |      |          |
|                   |      |          |applicable|          |      |          |
+-------------------+------+----------+----------+----------+------+----------+
|Traffix SDC        |5.x   |5.1.0     |None      |Medium    |5.3   |PCRE      |
+-------------------+------+----------+----------+----------+------+----------+

^1 The CVSSv3 score link takes you to a resource outside of AskF5, and it is
possible that the document may be removed without our knowledge.

Security Advisory Recommended Actions

If you are running a version listed in the Versions known to be vulnerable
column, you can eliminate this vulnerability by upgrading to a version listed
in the Fixes introduced in column. If the table lists only an older version
than what you are currently running, or does not list a non-vulnerable version,
then no upgrade candidate currently exists.

Mitigation

None

Supplemental Information

  o K41942608: Overview of security advisory articles
  o K4602: Overview of the F5 security vulnerability response policy
  o K4918: Overview of the F5 critical issue hotfix policy
  o K9502: BIG-IP hotfix and point release matrix
  o K13123: Managing BIG-IP product hotfixes (11.x - 16.x)
  o K167: Downloading software and firmware from F5
  o K9970: Subscribing to email notifications regarding F5 products
  o K9957: Creating a custom RSS feed to view new and updated documents

--------------------------END INCLUDED TEXT--------------------


https://www.malwaredevil.com/2020/08/07/esb-2020-2722-appliance-pcre-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2722-appliance-pcre-denial-of-service-remote-unauthenticated

ESB-2020.2713 – [RedHat] Red Hat OpenShift Service Mesh 3scale-istio-adapter-rhel8-container: Denial of service – Remote/unauthenticated


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2713
                      Red Hat OpenShift Service Mesh
           3scale-istio-adapter-rhel8-container security update
                               7 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Red Hat OpenShift Service Mesh 3scale-istio-adapter-rhel8-container
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux WS/Desktop 8
                   Red Hat Enterprise Linux Server 8
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14040 CVE-2020-11080 CVE-2020-9283

Reference:         ESB-2020.2575
                   ESB-2020.2377
                   ESB-2020.2375
                   ESB-2020.2303

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:3372

--------------------------BEGIN INCLUDED TEXT--------------------


=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenShift Service Mesh 3scale-istio-adapter-rhel8-container security update
Advisory ID:       RHSA-2020:3372-01
Product:           Red Hat OpenShift Service Mesh
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:3372
Issue date:        2020-08-06
CVE Names:         CVE-2020-9283 CVE-2020-11080 CVE-2020-14040 
=====================================================================

1. Summary:

An update for 3scale-istio-adapter-rhel8-container is now available for
OpenShift Service Mesh.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.

Security Fix(es):

* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows
for panic (CVE-2020-9283)

* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash

5. JIRA issues fixed (https://issues.jboss.org/):

MAISTRA-1716 - Release 3scale-istio-adapter-rhel container

6. References:

https://access.redhat.com/security/cve/CVE-2020-9283
https://access.redhat.com/security/cve/CVE-2020-11080
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/updates/classification/#moderate

7. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------


https://www.malwaredevil.com/2020/08/07/esb-2020-2713-redhat-red-hat-openshift-service-mesh-3scale-istio-adapter-rhel8-container-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2713-redhat-red-hat-openshift-service-mesh-3scale-istio-adapter-rhel8-container-denial-of-service-remote-unauthenticated

ESB-2020.2720 – [Appliance] Expat XML library: Multiple vulnerabilities


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2720
               Expat XML library vulnerability CVE-2015-1283
                               7 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Expat XML library
Publisher:         F5 Networks
Operating System:  Network Appliance
Impact/Access:     Denial of Service -- Remote/Unauthenticated
                   Reduced Security  -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-1283  

Reference:         ASB-2016.0120
                   ASB-2016.0103
                   ESB-2019.0094
                   ESB-2018.0626.3
                   ESB-2017.2550
                   ESB-2017.0819

Original Bulletin: 
   https://support.f5.com/csp/article/K15104541

--------------------------BEGIN INCLUDED TEXT--------------------

K15104541:Expat XML library vulnerability CVE-2015-1283

Security Advisory

Original Publication Date: 12 Oct, 2016

Latest   Publication Date: 07 Aug, 2020

Security Advisory Description

Multiple integer overflows in the XML_GetBuffer function in Expat through
2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow
remote attackers to cause a denial of service (heap-based buffer overflow) or
possibly have unspecified other impact via crafted XML data, a related issue to
CVE-2015-2716. (CVE-2015-1283)

Impact

This vulnerability may allow a remote attacker to cause a denial of service
(DoS) or create other unspecified impact using crafted XML data.

Security Advisory Status

F5 Product Development has assigned ID 617147 (BIG-IP), ID 617963 (BIG-IQ), ID
618241 (Enterprise Manager), and ID 528541 (ARX) to this vulnerability.
Additionally, BIG-IP iHealth may list Heuristic H15104541 on the Diagnostics >
Identified > Medium screen.

To determine if your release is known to be vulnerable, the components or
features that are affected by the vulnerability, and for information about
releases or hotfixes that address the vulnerability, refer to the following
table:

+---------------+----------------+-----------------+----------+----------------+
|               |Versions known  |Versions known to|          |Vulnerable      |
|Product        |to be vulnerable|be not vulnerable|Severity  |component or    |
|               |                |                 |          |feature         |
+---------------+----------------+-----------------+----------+----------------+
|               |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |          |                |
|BIG-IP LTM     |11.4.0 - 11.6.5 |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
|               |11.2.1          |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP AAM     |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |Medium    |iControl Soap   |
|               |11.4.0 - 11.6.5 |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP AFM     |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |Medium    |iControl Soap   |
|               |11.4.0 - 11.6.5 |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP         |12.0.0 - 12.1.5 |                 |          |                |
|Analytics      |11.4.0 - 11.6.5 |13.0.0 - 13.1.1  |Medium    |iControl Soap   |
|               |11.2.1          |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|               |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |          |                |
|BIG-IP APM     |11.4.0 - 11.6.5 |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
|               |11.2.1          |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|               |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |          |                |
|BIG-IP ASM     |11.4.0 - 11.6.5 |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
|               |11.2.1          |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP DNS     |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP Edge    |11.2.1          |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
|Gateway        |                |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP GTM     |11.4.0 - 11.6.5 |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
|               |11.2.1          |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP Link    |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |          |                |
|Controller     |11.4.0 - 11.6.5 |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
|               |11.2.1          |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP PEM     |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |Medium    |iControl Soap   |
|               |11.4.0 - 11.6.5 |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP PSM     |11.4.0 - 11.4.1 |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP         |11.2.1          |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
|WebAccelerator |                |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP WOM     |11.2.1          |10.2.1 - 10.2.4  |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IP WebSafe |12.0.0 - 12.1.5 |13.0.0 - 13.1.1  |Medium    |iControl Soap   |
|               |11.6.0 - 11.6.5 |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|ARX            |6.2.0 - 6.4.0   |None             |Low       |Expat XML parser|
|               |                |                 |          |library         |
+---------------+----------------+-----------------+----------+----------------+
|Enterprise     |3.1.1           |None             |Medium    |iControl Soap   |
|Manager        |                |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|FirePass       |None            |7.0.0            |Not       |None            |
|               |                |                 |vulnerable|                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IQ Cloud   |4.0.0 - 4.5.0   |None             |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IQ Device  |4.2.0 - 4.5.0   |None             |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IQ Security|4.0.0 - 4.5.0   |None             |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IQ ADC     |4.5.0           |None             |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IQ         |7.0.0 - 7.1.0   |                 |          |                |
|Centralized    |6.0.0 - 6.1.0   |None             |Medium    |iControl Soap   |
|Management     |5.0.0 - 5.4.0   |                 |          |                |
|               |4.6.0           |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|BIG-IQ Cloud   |                |                 |          |                |
|and            |1.0.0           |None             |Medium    |iControl Soap   |
|Orchestration  |                |                 |          |                |
+---------------+----------------+-----------------+----------+----------------+
|F5 iWorkflow   |2.0.0           |None             |Medium    |iControl Soap   |
+---------------+----------------+-----------------+----------+----------------+
|LineRate       |None            |2.5.0 - 2.6.1    |Not       |None            |
|               |                |                 |vulnerable|                |
+---------------+----------------+-----------------+----------+----------------+
|Traffix SDC    |None            |5.0.0            |Not       |None            |
|               |                |4.0.0 - 4.4.0    |vulnerable|                |
+---------------+----------------+-----------------+----------+----------------+

Security Advisory Recommended Actions

If you are running a version listed in the Versions known to be vulnerable
column, you can eliminate this vulnerability by upgrading to a version listed
in the Versions known to be not vulnerable column. If the table lists only an
older version than what you are currently running, or does not list a
non-vulnerable version, then no upgrade candidate currently exists.

To determine the necessary upgrade path for your BIG-IQ system, you should
understand the BIG-IQ product offering name changes. For more information,
refer to K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.
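The version-table rule in the Recommended Actions above (and the equivalent rule under the PCRE bulletin's "Fixes introduced in" column) can be applied mechanically. As an added example, not F5's or AusCERT's code, the Python below copies a few rows from the two tables on this page and decides whether a running version is vulnerable and whether a newer non-vulnerable version exists; the product keys, function names and the Assessment class are this example's own assumptions.

```python
"""Apply the advisory's "Recommended Actions" rule to a running F5 version.

Added example, not F5's or AusCERT's code. The version ranges below are
copied from the two tables on this page (the Expat CVE-2015-1283 table and
the Traffix SDC row of the PCRE CVE-2020-14155 table); the dictionary keys,
function names and the Assessment class are this example's own.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]
Range = Tuple[Version, Version]  # inclusive (low, high)

# (versions known to be vulnerable, versions known to be not vulnerable /
# fixes introduced in), as printed in the tables above.
TABLE: Dict[str, Tuple[List[str], List[str]]] = {
    "BIG-IP LTM": (["12.0.0 - 12.1.5", "11.4.0 - 11.6.5", "11.2.1"],
                   ["13.0.0 - 13.1.1", "10.2.1 - 10.2.4"]),
    "BIG-IP PSM": (["11.4.0 - 11.4.1"], ["10.2.1 - 10.2.4"]),
    "Enterprise Manager": (["3.1.1"], ["None"]),
    "Traffix SDC": (["5.1.0"], ["None"]),
}


def parse_version(text: str) -> Version:
    """'12.1.5' -> (12, 1, 5). Tuples compare component-wise, which is the
    ordering the advisory tables rely on."""
    return tuple(int(part) for part in text.strip().split("."))


def fmt_version(v: Version) -> str:
    return ".".join(str(n) for n in v)


def parse_ranges(cells: List[str]) -> List[Range]:
    """Turn cells such as '12.0.0 - 12.1.5' or '11.2.1' into inclusive ranges.
    'None' and 'Not applicable' (as printed in the PCRE table) yield nothing."""
    ranges: List[Range] = []
    for cell in cells:
        cell = cell.strip()
        if cell.lower() in ("", "none", "not applicable"):
            continue
        if " - " in cell:
            low, high = (parse_version(p) for p in cell.split(" - ", 1))
        else:
            low = high = parse_version(cell)
        if low > high:
            raise ValueError(f"inverted range in table cell: {cell!r}")
        ranges.append((low, high))
    return ranges


def in_ranges(v: Version, ranges: List[Range]) -> bool:
    return any(low <= v <= high for low, high in ranges)


@dataclass
class Assessment:
    product: str
    running: str
    status: str  # "vulnerable" | "not vulnerable" | "not listed"
    upgrade_candidate: Optional[str]  # lowest fixed version newer than running


def assess(product: str, running: str) -> Assessment:
    """Rule from 'Security Advisory Recommended Actions': a vulnerable release
    is fixed only by moving to a listed non-vulnerable version that is newer
    than the one running; if the table lists only older non-vulnerable
    versions (or none at all), no upgrade candidate currently exists."""
    vuln_cells, fixed_cells = TABLE[product]
    vulnerable = parse_ranges(vuln_cells)
    fixed = parse_ranges(fixed_cells)
    v = parse_version(running)

    if in_ranges(v, vulnerable):
        newer = [low for low, _high in fixed if low > v]
        candidate = fmt_version(min(newer)) if newer else None
        return Assessment(product, running, "vulnerable", candidate)
    if in_ranges(v, fixed):
        return Assessment(product, running, "not vulnerable", None)
    # Neither column mentions this release: the advisory has not evaluated
    # it, which is not the same as "not vulnerable".
    return Assessment(product, running, "not listed", None)


if __name__ == "__main__":
    for product, running in [("BIG-IP LTM", "12.1.3"), ("BIG-IP PSM", "11.4.1"),
                             ("Traffix SDC", "5.1.0"), ("BIG-IP LTM", "13.1.1")]:
        a = assess(product, running)
        print(f"{a.product} {a.running}: {a.status}, upgrade to {a.upgrade_candidate}")
```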

Supplemental Information

  o K9970: Subscribing to email notifications regarding F5 products
  o K9957: Creating a custom RSS feed to view new and updated documents
  o K4602: Overview of the F5 security vulnerability response policy
  o K4918: Overview of the F5 critical issue hotfix policy
  o K167: Downloading software and firmware from F5
  o K13123: Managing BIG-IP product hotfixes (11.x - 16.x)
  o K9502: BIG-IP hotfix matrix
  o K15106: Managing BIG-IQ product hotfixes
  o K15113: BIG-IQ hotfix matrix
  o K12766: ARX hotfix matrix

--------------------------END INCLUDED TEXT--------------------


https://www.malwaredevil.com/2020/08/07/esb-2020-2720-appliance-expat-xml-library-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2720-appliance-expat-xml-library-multiple-vulnerabilities

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...