F5 Networks BIG-IP : cURL and libcurl vulnerability (K01006862)

Medium Nessus Plugin ID 105434

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.
When the candidate has been publicized, the details for this candidate will be provided.(CVE-2016-8615)

Impact

When a cURL connection stores a cookie state and is written into a cookie jar file that is later used for the subsequent cURL requests, a malicious web server can inject new cookies into the affected cookie jar for arbitrary domains. This exploit requires access to a malicious web server that serves cookies.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K01006862.

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip, cpe:/h:f5:big-ip_protocol_security_manager

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2017/04/12

Reference Information

CVE: CVE-2016-8615

F5 Networks BIG-IP : cURL and libcurl vulnerability (K01006862)

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

CVSSv2

Vulnerability Information

Reference Information