F5 Networks BIG-IP : SSL Forward Proxy vulnerability (K20134942)
High Nessus Plugin ID 118637
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA remote attacker using undisclosed methods againstvirtual servers
configured with a Client SSL or Server SSL profile that has the SSL
Forward Proxy feature enabled can force the Traffic Management
Microkernel (TMM) to leak memory. As a result, system memory usage
increases over time, which may eventually cause a decrease in
performance or a system reboot due to memory exhaustion.
This vulnerability allows a remote attacker to disrupt service.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5