Secunia Security Advisory - F5 has acknowledged a vulnerability in BIG-IP, which can be exploited by malicious people to poison the DNS cache.
fd7b8adc4d7409c85009a25e45f815854b6cf2273c73aac7aafb297f3233fa32
----------------------------------------------------------------------
Follow Secunia on Twitter
http://twitter.com/secunia
----------------------------------------------------------------------
TITLE:
F5 BIG-IP DNSSEC Cache Poisoning Vulnerability
SECUNIA ADVISORY ID:
SA37790
VERIFY ADVISORY:
http://secunia.com/advisories/37790/
DESCRIPTION:
F5 has acknowledged a vulnerability in BIG-IP, which can be exploited
by malicious people to poison the DNS cache.
For more information:
SA37426
The vulnerability is reported in the following products and
versions:
* BIG-IP LTM version 10.1.0
* BIG-IP GTM version 10.1.0
* BIG-IP ASM version 10.1.0
* BIG-IP Link Controller version 10.1.0
* BIG-IP WebAccelerator version 10.1.0
* BIG-IP PSM version 10.1.0
* BIG-IP APM version 10.1.0
* BIG-IP WAN Optimization version 10.1.0
SOLUTION:
Do not rely on the validity of DNS data provided by an affected
product.
ORIGINAL ADVISORY:
https://support.f5.com/kb/en-us/solutions/public/10000/800/sol10898.html
OTHER REFERENCES:
SA37426:
http://secunia.com/advisories/37426/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------