Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.105515 |
Categoría: | F5 Local Security Checks |
Título: | F5 BIG-IP - BIG-IP last hop kernel module vulnerability CVE-2015-5516 |
Resumen: | The remote host is missing a security patch. |
Descripción: | Summary: The remote host is missing a security patch. Vulnerability Insight: The BIG-IP last hop kernel module may leak memory when processing User Datagram Protocol (UDP) traffic. The memory leak may cause denial-of-service (DoS) conditions for the BIG-IP system. Vulnerability Impact: The following configurations may allow a remote attacker to cause a memory leak and potential DoS conditions on BIG-IP systems: - You use the management interface to provide remote access to UDP based services. - You use self IP addresses to provide remote access to UDP based services. - Virtual servers that reference a DNS profile with the Use BIND Server on BIG-IP option enabled (the option is enabled by default in BIG-IP 11.2.x through 12.0.0). - Wide IPs reference either of the following pool configurations: - A pool using the Return to DNS load balancing method. - A pool in which the Alternate and Fallback load balancing methods are set to None and all pools associated with the wide IP are unavailable. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-5516 http://www.securitytracker.com/id/1034686 http://www.securitytracker.com/id/1034687 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |