F5 Networks BIG-IP : libcurl vulnerability (K10196624)

High Nessus Plugin ID 105436

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables.
(CVE-2016-8618)

Impact

A custom monitor or script that calls the curl command may allow unauthorized disclosure of information,unauthorized modification, and disruption of service. The big3d process, which includes the libcurl library, may allow unauthorized disclosure of information,unauthorized modification, and disruption of service.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K10196624.

See Also

https://support.f5.com/csp/#/article/K10196624

Plugin Details

Severity: High

ID: 105436

File Name: f5_bigip_SOL10196624.nasl

Version: 3.5

Type: local

Published: 2017/12/26

Modified: 2018/10/12

Dependencies: 76940

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip, cpe:/h:f5:big-ip_protocol_security_manager

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version, Settings/ParanoidReport

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2017/04/21

Reference Information

CVE: CVE-2016-8618