F5 Networks BIG-IP : Expat vulnerabilities (K15905)

Medium Nessus Plugin ID 79892

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

CVE-2009-3560 The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.

CVE-2009-3720 The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K15905.

See Also

https://support.f5.com/csp/article/K15905

Plugin Details

Severity: Medium

ID: 79892

File Name: f5_bigip_SOL15905.nasl

Version: 1.9

Type: local

Published: 2014/12/15

Updated: 2019/01/04

Dependencies: 76940

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_wan_optimization_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip, cpe:/h:f5:big-ip_protocol_security_manager

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/12/11

Reference Information

CVE: CVE-2009-2625, CVE-2009-3560, CVE-2009-3720

BID: 35958, 36097, 37203

CWE: 119, 264