This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor f5 First view 2012-05-24
Product Big-Ip Access Policy Manager Last view 2024-08-14
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.1:*:*:*:*:*:*:* 454
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.0:*:*:*:*:*:*:* 451
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.0:*:*:*:*:*:*:* 449
cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.1:*:*:*:*:*:*:* 447
cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.0:*:*:*:*:*:*:* 446
cpe:2.3:a:f5:big-ip_access_policy_manager:11.4.1:*:*:*:*:*:*:* 445
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.3:*:*:*:*:*:*:* 444
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.2:*:*:*:*:*:*:* 443
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.1:*:*:*:*:*:*:* 441
cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.0:*:*:*:*:*:*:* 440
cpe:2.3:a:f5:big-ip_access_policy_manager:11.3.0:*:*:*:*:*:*:* 439
cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.1:*:*:*:*:*:*:* 437
cpe:2.3:a:f5:big-ip_access_policy_manager:11.2.0:*:*:*:*:*:*:* 436
cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0:*:*:*:*:*:*:* 436
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:*:*:*:*:*:*:* 436
cpe:2.3:a:f5:big-ip_access_policy_manager:11.1.0:*:*:*:*:*:*:* 435
cpe:2.3:a:f5:big-ip_access_policy_manager:11.0.0:*:*:*:*:*:*:* 434
cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.1:*:*:*:*:*:*:* 430
cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.2:*:*:*:*:*:*:* 430
cpe:2.3:a:f5:big-ip_access_policy_manager:12.1.2:*:*:*:*:*:*:* 430
cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.4:*:*:*:*:*:*:* 430
cpe:2.3:a:f5:big-ip_access_policy_manager:10.1.0:*:*:*:*:*:*:* 429
cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.3:*:*:*:*:*:*:* 428
cpe:2.3:a:f5:big-ip_access_policy_manager:10.2.0:*:*:*:*:*:*:* 427
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* 421
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:clients:*:*:* 421
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3:*:*:*:*:*:*:* 419
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:*:*:*:*:*:*:* 419
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.4:*:*:*:*:*:*:* 415
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hf4:*:*:*:*:*:* 413
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.2.74.291:*:*:*:*:*:*:* 413
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hf3:*:*:*:*:*:* 413
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hf2:*:*:*:*:*:* 413
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4:hf1:*:*:*:*:*:* 413
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.5:*:*:*:*:*:*:* 413
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.2:-:*:*:*:*:*:* 412
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.3:-:*:*:*:*:*:* 412
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.4:-:*:*:*:*:*:* 412
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.4.1:-:*:*:*:*:*:* 412
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.5:*:*:*:*:*:*:* 409
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.8:*:*:*:*:*:*:* 407
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.9:*:*:*:*:*:*:* 407
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.7:*:*:*:*:*:*:* 407
cpe:2.3:a:f5:big-ip_access_policy_manager:11.5.6:*:*:*:*:*:*:* 407
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.2:-:*:*:*:*:*:* 405
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.3:*:*:*:*:*:*:* 401
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.4:*:*:*:*:*:*:* 401
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.1:*:*:*:*:*:*:* 401
cpe:2.3:a:f5:big-ip_access_policy_manager:11.6.3.2:*:*:*:*:*:*:* 401
cpe:2.3:a:f5:big-ip_access_policy_manager:12.0.0.0:*:*:*:*:*:*:* 398

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2024-08-14 CVE-2024-41727

In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Â

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

4.3 2024-08-14 CVE-2024-41723

Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5 2024-08-14 CVE-2024-41164

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5 2024-08-14 CVE-2024-39778

When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.

 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.6 2024-05-06 CVE-2024-3661

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.

7.5 2024-02-14 CVE-2024-24775

When a virtual server is enabled with VLAN group and SNAT listener is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.5 2024-02-14 CVE-2024-23979

When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

4.4 2024-02-14 CVE-2024-23976

When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. Â Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.5 2024-02-14 CVE-2024-23314

When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

6.5 2024-02-14 CVE-2024-22389

When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the change does not sync to the peer device.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

9.6 2024-02-14 CVE-2024-22093

When running in appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

6.7 2024-02-14 CVE-2024-21782

BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy (scp) utility but do not have access to Advanced shell (bash) can execute arbitrary commands with a specially crafted command string. This vulnerability is due to an incomplete fix for CVE-2020-5873.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

8.8 2023-10-26 CVE-2023-46748

An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which

may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands.

 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

9.8 2023-10-26 CVE-2023-46747

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

7.8 2023-10-10 CVE-2023-5450

An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process.Â

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

4.4 2023-10-10 CVE-2023-45219

Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Â

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5 2023-10-10 CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

8.7 2023-10-10 CVE-2023-43746

When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.8 2023-10-10 CVE-2023-43611

The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. This vulnerability is due to an incomplete fix for CVE-2023-38418.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

5.5 2023-10-10 CVE-2023-43485

When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.2 2023-10-10 CVE-2023-42768

When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

6.5 2023-10-10 CVE-2023-41964

The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.Â

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

9.9 2023-10-10 CVE-2023-41373

A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary.Â

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5 2023-10-10 CVE-2023-41085

When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.Â

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

7.5 2023-10-10 CVE-2023-40542

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
14% (51) CWE-20 Improper Input Validation
10% (37) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
8% (28) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
4% (17) CWE-200 Information Exposure
3% (13) CWE-476 NULL Pointer Dereference
2% (10) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
2% (9) CWE-532 Information Leak Through Log Files
2% (9) CWE-269 Improper Privilege Management
2% (8) CWE-362 Race Condition
2% (8) CWE-319 Cleartext Transmission of Sensitive Information
2% (8) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (7) CWE-284 Access Control (Authorization) Issues
2% (7) CWE-264 Permissions, Privileges, and Access Controls
2% (7) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
1% (6) CWE-770 Allocation of Resources Without Limits or Throttling
1% (6) CWE-295 Certificate Issues
1% (6) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (5) CWE-352 Cross-Site Request Forgery (CSRF)
1% (5) CWE-287 Improper Authentication
1% (4) CWE-772 Missing Release of Resource after Effective Lifetime
1% (4) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (4) CWE-613 Insufficient Session Expiration
1% (4) CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
1% (4) CWE-404 Improper Resource Shutdown or Release
1% (4) CWE-326 Inadequate Encryption Strength

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:21093 USN-1236-1 -- linux vulnerabilities
oval:org.mitre.oval:def:20253 VMware vSphere and vCOps updates to third party libraries
oval:org.mitre.oval:def:24219 RHSA-2014:0328: kernel security and bug fix update (Important)
oval:org.mitre.oval:def:23690 ELSA-2014:0328: kernel security and bug fix update (Important)
oval:org.mitre.oval:def:27035 DEPRECATED: ELSA-2014-0328 -- kernel security and bug fix update (important)
oval:org.mitre.oval:def:24863 USN-2196-1 -- linux vulnerability
oval:org.mitre.oval:def:24838 USN-2198-1 -- linux vulnerability
oval:org.mitre.oval:def:24818 USN-2197-1 -- linux-ec2 vulnerability
oval:org.mitre.oval:def:24747 USN-2204-1 -- linux vulnerability
oval:org.mitre.oval:def:24706 USN-2201-1 -- linux-lts-saucy vulnerability
oval:org.mitre.oval:def:24673 USN-2199-1 -- linux-lts-quantal vulnerability
oval:org.mitre.oval:def:24668 USN-2202-1 -- linux vulnerability
oval:org.mitre.oval:def:24543 USN-2203-1 -- linux vulnerability
oval:org.mitre.oval:def:24445 USN-2200-1 -- linux-lts-raring vulnerability
oval:org.mitre.oval:def:25258 RHSA-2014:0678: kernel security update (Important)
oval:org.mitre.oval:def:25233 SUSE-SU-2014:0667-1 -- Security update for Linux Kernel
oval:org.mitre.oval:def:27162 ELSA-2014-0678 -- kernel security update (important)
oval:org.mitre.oval:def:26764 Vulnerability affecting GNU Bash
oval:org.mitre.oval:def:26665 DSA-3035-1 bash - security update
oval:org.mitre.oval:def:26642 DSA-3032-1 bash - security update
oval:org.mitre.oval:def:26539 USN-2362-1 -- bash vulnerability
oval:org.mitre.oval:def:26521 RHSA-2014:1293: bash security update (Critical)
oval:org.mitre.oval:def:27118 ELSA-2014-1306 -- bash security update (Important)
oval:org.mitre.oval:def:26923 ELSA-2014-1293 -- bash security update (Critical)
oval:org.mitre.oval:def:26685 ELSA-2014-1294 -- bash security update (Critical)

SAINT Exploits

Description Link
F5 rsync daemon ConfigSync interface cmi module vulnerability More info here
F5 BIG-IP iControl REST vulnerability More info here
Bash environment variable code injection over HTTP More info here
Bash Environment Variable Handling Shell Command Injection Via CUPS More info here
ShellShock DHCP Server More info here

Open Source Vulnerability Database (OSVDB)

id Description
75716 Linux Kernel Sequence Number Generation Weakness Remote Packet Injection

ExploitDB Exploits

id Description
35146 PHP 5.x Shellshock Exploit (bypass disable_functions)
35115 CUPS Filter Bash Environment Variable Code Injection
34879 OpenVPN 2.2.29 - ShellShock Exploit
34860 GNU bash 4.3.11 Environment Variable dhclient Exploit
34839 IPFire Cgi Web Interface Authenticated Bash Environment Variable Code Injecti...
34777 GNU bash Environment Variable Command Injection (MSF)
33516 Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition...

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-08-31 Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries.
File : nvt/gb_VMSA-2012-0013.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64
File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1465-01
File : nvt/gb_RHSA-2011_1465-01_kernel.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-11 Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-11-11 Name : Ubuntu Update for linux USN-1253-1
File : nvt/gb_ubuntu_USN_1253_1.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31 Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-31 Name : Ubuntu Update for linux USN-1246-1
File : nvt/gb_ubuntu_USN_1246_1.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1245-1
File : nvt/gb_ubuntu_USN_1245_1.nasl
2011-10-31 Name : Ubuntu Update for linux USN-1243-1
File : nvt/gb_ubuntu_USN_1243_1.nasl
2011-10-31 Name : Ubuntu Update for linux-lts-backport-maverick USN-1242-1
File : nvt/gb_ubuntu_USN_1242_1.nasl
2011-10-31 Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1
File : nvt/gb_ubuntu_USN_1241_1.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1240-1
File : nvt/gb_ubuntu_USN_1240_1.nasl
2011-10-31 Name : Ubuntu Update for linux-ec2 USN-1239-1
File : nvt/gb_ubuntu_USN_1239_1.nasl
2011-10-21 Name : Ubuntu Update for linux USN-1236-1
File : nvt/gb_ubuntu_USN_1236_1.nasl
2011-10-21 Name : RedHat Update for kernel RHSA-2011:1386-01
File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-10-21 Name : CentOS Update for kernel CESA-2011:1386 centos5 i386
File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-14 Name : Ubuntu Update for linux-ti-omap4 USN-1228-1
File : nvt/gb_ubuntu_USN_1228_1.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2014-A-0142 GNU Bash Shell Code Execution Vulnerability
Severity: Category I - VMSKEY: V0054753
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0148 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0033794
2012-A-0136 Multiple Vulnerabilities in Juniper Network Management Products
Severity: Category I - VMSKEY: V0033662

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-08-11 F5 BIG-IP Traffic Management User Interface remote code execution attempt
RuleID : 54484 - Type : SERVER-WEBAPP - Revision : 2
2020-08-06 F5 BIG-IP Traffic Management User Interface remote code execution attempt
RuleID : 54462 - Type : SERVER-WEBAPP - Revision : 3
2020-07-07 lodash defaultsDeep prototype pollution attempt
RuleID : 54184 - Type : SERVER-OTHER - Revision : 1
2017-02-10 F5 BIG-IP TLS session ticket implementation uninitialized memory disclosure a...
RuleID : 41548 - Type : SERVER-OTHER - Revision : 3
2014-01-10 Destination Unreachable Fragmentation Needed and DF bit was set
RuleID : 396-community - Type : PROTOCOL-ICMP - Revision : 12
2014-01-10 Destination Unreachable Fragmentation Needed and DF bit was set
RuleID : 396 - Type : PROTOCOL-ICMP - Revision : 12
2016-03-14 glibc getaddrinfo AAAA record stack buffer overflow attempt
RuleID : 37731-community - Type : PROTOCOL-DNS - Revision : 5
2016-03-22 glibc getaddrinfo AAAA record stack buffer overflow attempt
RuleID : 37731 - Type : PROTOCOL-DNS - Revision : 5
2016-03-14 glibc getaddrinfo A record stack buffer overflow attempt
RuleID : 37730-community - Type : PROTOCOL-DNS - Revision : 5
2016-03-22 glibc getaddrinfo A record stack buffer overflow attempt
RuleID : 37730 - Type : PROTOCOL-DNS - Revision : 5
2016-03-15 Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt
RuleID : 37654 - Type : OS-LINUX - Revision : 2
2016-03-14 Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt
RuleID : 37408 - Type : OS-LINUX - Revision : 2
2016-03-14 F5 BIG-IP iControl API arbitrary command execution attempt
RuleID : 36778 - Type : SERVER-WEBAPP - Revision : 2
2015-07-13 Linux.Trojan.ChinaZ outbound connection
RuleID : 34847 - Type : MALWARE-CNC - Revision : 3
2015-01-13 TLSv1.2 POODLE CBC padding brute force attempt
RuleID : 32760 - Type : SERVER-OTHER - Revision : 4
2015-01-13 TLSv1.1 POODLE CBC padding brute force attempt
RuleID : 32759 - Type : SERVER-OTHER - Revision : 4
2015-01-13 TLSv1.0 POODLE CBC padding brute force attempt
RuleID : 32758 - Type : SERVER-OTHER - Revision : 4
2015-01-13 TLSv1.2 POODLE CBC padding brute force attempt
RuleID : 32757 - Type : SERVER-OTHER - Revision : 4
2015-01-13 TLSv1.1 POODLE CBC padding brute force attempt
RuleID : 32756 - Type : SERVER-OTHER - Revision : 4
2015-01-13 TLSv1.0 POODLE CBC padding brute force attempt
RuleID : 32755 - Type : SERVER-OTHER - Revision : 4
2014-10-30 Bash environment variable injection attempt
RuleID : 32366-community - Type : OS-OTHER - Revision : 2
2014-12-02 Bash environment variable injection attempt
RuleID : 32366 - Type : OS-OTHER - Revision : 2
2014-10-24 Bash CGI environment variable injection attempt
RuleID : 32336-community - Type : OS-OTHER - Revision : 2
2014-11-25 Bash CGI environment variable injection attempt
RuleID : 32336 - Type : OS-OTHER - Revision : 2
2014-10-24 Bash CGI environment variable injection attempt
RuleID : 32335-community - Type : OS-OTHER - Revision : 2

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-11 Name: The remote Virtuozzo host is missing multiple security updates.
File: Virtuozzo_VZA-2018-075.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-50075276e8.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL27617652.nasl - Type: ACT_GATHER_INFO
2018-12-21 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL23328310.nasl - Type: ACT_GATHER_INFO
2018-12-21 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL61620494.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL95343321.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL42027747.nasl - Type: ACT_GATHER_INFO
2018-12-11 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1406.nasl - Type: ACT_GATHER_INFO
2018-12-05 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0101.nasl - Type: ACT_GATHER_INFO
2018-11-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-3083.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL00363258.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL01067037.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL02043709.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL02714910.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL03165684.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL05018525.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL05112543.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL05263202.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL07369970.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL07550539.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL10930474.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL11718033.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL12044607.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL16248201.nasl - Type: ACT_GATHER_INFO