November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Advisory – F5 Multiple Products Bind Security Bypass Vulnerability
March 26, 2019Rewterz Threat Alert – Account Themed Malspam – Threat Indicators
March 26, 2019Rewterz Threat Advisory – F5 Multiple Products Bind Security Bypass Vulnerability
March 26, 2019Rewterz Threat Alert – Account Themed Malspam – Threat Indicators
March 26, 2019
Severity
Medium
Analysis Summary
CVE-2009-5155
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
Impact
Denial of Service
Affected Products
F5 BIG-IP Local Traffic Manager (LTM) 11.x
F5 BIG-IP Application Security Manager (ASM) 11.x
F5 BIG-IP Local Traffic Manager (LTM) 12.x
F5 BIG-IP Application Security Manager (ASM) 12.x
F5 BIG-IP Local Traffic Manager (LTM) 13.x
F5 BIG-IP Application Security Manager (ASM) 13.x
F5 BIG-IQ Centralized Management 5.x
F5 BIG-IP Local Traffic Manager (LTM) 14.x
F5 TMOS 11.x
F5 BIG-IP Global Traffic Manager (GTM) 11.x
F5 Enterprise Manager 3.x
F5 BIG-IP Access Policy Manager (APM) 11.x
F5 BIG-IP Application Acceleration Manager (AAM) 11.x
F5 BIG-IP Advanced Firewall Manager (AFM) 11.x
F5 BIG-IP Analytics (AVR) 11.x
F5 BIG-IP Link Controller 11.x
F5 BIG-IP Policy Enforcement Manager (PEM) 11.x
F5 BIG-IP Access Policy Manager (APM) 12.x
F5 BIG-IP Access Policy Manager (APM) 13.x
F5 BIG-IP Advanced Firewall Manager (AFM) 12.x
F5 BIG-IP Advanced Firewall Manager (AFM) 13.x
F5 TMOS 12.x
F5 BIG-IP DNS (formerly Global Traffic Manager (GTM)) 12.x
Remediation
Vendor has not released any patches/updates for the following products.