F5 Networks BIG-IP : BIG-IP ASM Virtual Edition may run out of memory under certain DoS conditions (K15341)

high Nessus Plugin ID 78177

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

By default, the BIG-IP ASM system limits the number of concurrent requests with large payloads (10,000 bytes or larger) to 100, using the max_concurrent_long_request internal parameter. Once this limit is reached, the BIG-IP ASM system drops new requests with large payloads. The maximum individual request length supported by the system is set by the long_request_buffer_size internal parameter, which defaults to 10 MB. The number of concurrent large requests the system can process therefore depends on the memory available in the system's memory pools. For a BIG-IP ASM Virtual Edition (VE) guest provisioned with 4 GB of memory, the maximum amount of memory available for memory pools is limited to 700 MB by default.

If BIG-IP ASM VE receives many large requests, it is possible for the system to run out of memory.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K15341.

See Also

https://support.f5.com/csp/article/K15341

Plugin Details

Severity: High

ID: 78177

File Name: f5_bigip_SOL15341.nasl

Version: 1.5

Type: local

Published: 10/10/2014

Updated: 1/4/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:f5:big-ip_application_security_manager, cpe:/h:f5:big-ip

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Patch Publication Date: 6/17/2014