Denial of Service Vulnerability in F5 BIG-IP Products
CVE-2013-6016

Currently unrated

Key Information:

Vendor
F5
Vendor
CVE Published:
26 October 2013

Summary

The Traffic Management Microkernel (TMM) in specific versions of F5 BIG-IP products is susceptible to a denial of service attack. This vulnerability arises when a TCP connection is incorrectly switched to an ESTABLISHED state prior to the reception of the ACK packet. Exploitation of this flaw enables remote attackers to trigger a denial of service that results in the SIGFPE or assertion failure and subsequent restart of the TMM. Affected products include several versions of BIG-IP LTM, APM, ASM, and other related services that may be utilized for traffic management.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.