----------------------------------------------------------------------



Follow Secunia on Twitter
http://twitter.com/secunia



----------------------------------------------------------------------

TITLE:
F5 BIG-IP DNSSEC Cache Poisoning Vulnerability

SECUNIA ADVISORY ID:
SA37790

VERIFY ADVISORY:
http://secunia.com/advisories/37790/

DESCRIPTION:
F5 has acknowledged a vulnerability in BIG-IP, which can be exploited
by malicious people to poison the DNS cache.

For more information:
SA37426

The vulnerability is reported in the following products and
versions:
* BIG-IP LTM version 10.1.0
* BIG-IP GTM version 10.1.0
* BIG-IP ASM version 10.1.0
* BIG-IP Link Controller version 10.1.0
* BIG-IP WebAccelerator version 10.1.0
* BIG-IP PSM version 10.1.0
* BIG-IP APM version 10.1.0
* BIG-IP WAN Optimization version 10.1.0

SOLUTION:
Do not rely on the validity of DNS data provided by an affected
product.

ORIGINAL ADVISORY:
https://support.f5.com/kb/en-us/solutions/public/10000/800/sol10898.html

OTHER REFERENCES:
SA37426:
http://secunia.com/advisories/37426/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------