Detections
Analytics
F5 Networks BIG-IP : Linux kernel vulnerability (SOL16479)
high Nessus Plugin ID 83006
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution SOL16479.See Also
Plugin Details
Severity: High
ID: 83006
File Name: f5_bigip_SOL16479.nasl
Version: 1.7
Type: local
Published: 4/23/2015
Updated: 3/10/2021
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_wan_optimization_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip, cpe:/h:f5:big-ip_protocol_security_manager
Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version
Exploit Ease: No known exploits are available
Patch Publication Date: 4/22/2015
Vulnerability Publication Date: 6/16/2009
Reference Information
CVE: CVE-2009-1389, CVE-2009-4537