F5 Networks BIG-IP : SSL Forward Proxy vulnerability (K20134942)
High Nessus Plugin ID 118637
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionA remote attacker using undisclosed methods againstvirtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (TMM) to leak memory. As a result, system memory usage increases over time, which may eventually cause a decrease in performance or a system reboot due to memory exhaustion.
This vulnerability allows a remote attacker to disrupt service.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K20134942.