F5 BIG-IP负载均衡器多个产品再次爆出远程DoS漏洞 ,CVEID为CVE-2017-6166,这是今年第三次出现成批的漏洞了。攻击者可以利用此问题让应用程序崩溃,从而制造拒绝服务攻击条件。受影响产品包括F5 BIG-IP WebSafe、PEM、LTM、DNS、Link Controller、ASM、APM、AFM、AAM等。
11月22日,F5 BIG-IP负载均衡器多个产品又出漏洞, 中间人攻击、敏感信息泄露及未授权访问
11月2日,F5 BIG-IP负载均衡器多个产品, 安全绕过漏洞、DoS漏洞及远程代码执行漏洞
F5多个BIG-IP产品远程DoS漏洞CVE-2017-6166
SecurityFocus评价
多F5 BIG-IP产品容易拒绝服务漏洞。攻击者可以利用此问题来崩溃应用程序,从而导致拒绝服务条件。
Bugtraq ID: | 102264 |
Class: | Boundary Condition Error |
CVE: | CVE-2017-6166 |
Remote: | Yes |
Local: | No |
Published: | Dec 22 2017 12:00AM |
Updated: | Dec 22 2017 12:00AM |
Credit: | The vendor reported the issue. |
Vulnerable: |
F5 BIG-IP WebSafe 12.1.1 F5 BIG-IP WebSafe 12.1 HF2 F5 BIG-IP WebSafe 12.1 HF1 F5 BIG-IP WebSafe 12.1 F5 BIG-IP WebSafe 12.0 HF4 F5 BIG-IP WebSafe 12.0 HF3 F5 BIG-IP WebSafe 12.0 HF2 F5 BIG-IP WebSafe 12.0 HF1 F5 BIG-IP WebSafe 12.0 F5 BIG-IP PEM 12.1.1 F5 BIG-IP PEM 12.1 HF2 F5 BIG-IP PEM 12.1 HF1 F5 BIG-IP PEM 12.0 HF4 F5 BIG-IP PEM 12.0 HF3 F5 BIG-IP PEM 12.0 HF2 F5 BIG-IP PEM 12.0 F5 BIG-IP PEM 12.1.0 F5 BIG-IP PEM 12.0.0 HF1 F5 BIG-IP LTM 12.1.1 F5 BIG-IP LTM 12.1 HF2 F5 BIG-IP LTM 12.1 HF1 F5 BIG-IP LTM 12.0 F5 BIG-IP LTM 12.1.0 F5 BIG-IP Link Controller 12.1.1 F5 BIG-IP Link Controller 12.1 HF2 F5 BIG-IP Link Controller 12.1 HF1 F5 BIG-IP Link Controller 12.0 HF4 F5 BIG-IP Link Controller 12.0 HF3 F5 BIG-IP Link Controller 12.0 HF2 F5 BIG-IP Link Controller 12.0 build 1.14.628 F5 BIG-IP Link Controller 12.0 F5 BIG-IP Link Controller 12.1.0 F5 BIG-IP Link Controller 12.0.0 HF1 F5 BIG-IP DNS 12.1.1 F5 BIG-IP DNS 12.0 HF3 F5 BIG-IP DNS 12.0 HF2 F5 BIG-IP DNS 12.0 build 1.14.628 F5 BIG-IP DNS 12.0 F5 BIG-IP DNS 12.1.0 F5 BIG-IP DNS 12.0.0 HF1 F5 BIG-IP ASM 12.1.1 F5 BIG-IP ASM 12.1 HF2 F5 BIG-IP ASM 12.1 HF1 F5 BIG-IP ASM 12.0 HF4 F5 BIG-IP ASM 12.0 build 1.14.628 F5 BIG-IP ASM 12.0 F5 BIG-IP ASM 12.1.0 F5 BIG-IP ASM 12.0.0 HF3 F5 BIG-IP ASM 12.0.0 HF2 F5 BIG-IP ASM 12.0.0 HF1 F5 BIG-IP APM 12.1.1 F5 BIG-IP APM 12.1 HF2 F5 BIG-IP APM 12.1 HF1 F5 BIG-IP APM 12.0 HF4 F5 BIG-IP APM 12.0 HF3 F5 BIG-IP APM 12.0 HF2 F5 BIG-IP APM 12.0 build 1.14.628 F5 BIG-IP APM 12.0 F5 BIG-IP APM 12.1.0 F5 BIG-IP APM 12.0.0 HF1 F5 BIG-IP Analytics 12.1.1 F5 BIG-IP Analytics 12.0 build 1.14.628 F5 BIG-IP Analytics 12.0 F5 BIG-IP Analytics 12.1.0 F5 BIG-IP Analytics 12.0.0 HF3 F5 BIG-IP Analytics 12.0.0 HF2 F5 BIG-IP Analytics 12.0.0 HF1 F5 BIG-IP AFM 12.1.1 F5 BIG-IP AFM 12.1 HF2 F5 BIG-IP AFM 12.1 HF1 F5 BIG-IP AFM 12.0 HF4 F5 BIG-IP AFM 12.0 build 1.14.628 F5 BIG-IP AFM 12.0 F5 BIG-IP AFM 12.1.0 F5 BIG-IP AFM 12.0.0 HF3 F5 BIG-IP AFM 12.0.0 HF2 F5 BIG-IP AFM 12.0.0 HF1 F5 BIG-IP AAM 12.1.1 F5 BIG-IP AAM 12.1 HF2 F5 BIG-IP AAM 12.1 HF1 F5 BIG-IP AAM 12.0 HF4 F5 BIG-IP AAM 12.0 F5 BIG-IP AAM 12.1.0 F5 BIG-IP AAM 12.0.0 HF3 F5 BIG-IP AAM 12.0.0 HF2 F5 BIG-IP AAM 12.0.0 HF1 |
Not Vulnerable: |
F5 BIG-IP WebSafe 12.1.2 F5 BIG-IP PEM 12.1.2 F5 BIG-IP LTM 12.1.2 F5 BIG-IP Link Controller 12.1.2 F5 BIG-IP DNS 12.1.2 F5 BIG-IP ASM 12.1.2 F5 BIG-IP APM 12.1.2 F5 BIG-IP Analytics 12.1.2 F5 BIG-IP AFM 12.1.2 F5 BIG-IP AAM 12.1.2 |