PT-2018-8300 · F5 · F5 Big-Ip
Published 2018-06-01 · Updated 2019-10-03 · CVE-2017-6153
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP versions 13.0.0 through 13.1.0.3
F5 BIG-IP versions 12.1.0 through 12.1.3.1
F5 BIG-IP versions 11.6.1 through 11.6.3.1
F5 BIG-IP versions 11.5.1 through 11.5.5
F5 BIG-IP version 11.2.1
Description
The issue concerns a service disruption via a "Zip Bomb" attack. This attack affects features that utilize inflate functionality, either directly, via an iRule, or via the inflate code from the PEM module.
Recommendations
For versions 13.0.0 through 13.1.0.3, consider disabling the inflate functionality to prevent service disruption.
For versions 12.1.0 through 12.1.3.1, restrict the use of iRules that utilize inflate functionality.
For versions 11.6.1 through 11.6.3.1, avoid using the inflate code from the PEM module.
For versions 11.5.1 through 11.5.5, consider implementing configuration changes to minimize the risk of a "Zip Bomb" attack.
For version 11.2.1, restrict access to features that utilize inflate functionality to minimize the risk of exploitation.
Fix
Resource Exhaustion
Weakness Enumeration
Related Identifiers
Affected Products
F5 Big-Ip