F5 Networks BIG-IP : Expat vulnerabilities (K16949)
Medium Nessus Plugin ID 86013
SynopsisThe remote device is missing a vendor-supplied security patch.
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
CVE-2012-1148 Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.
These vulnerabilities allow context-dependent attackers to cause a denial-of-service (DoS) (CPU and/or memory consumption) by way of XML files.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K16949.