-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                     AUSCERT Security Bulletin

                          ASB-2012.0171
          Multiple vulnerabilities have been fixed in F5 BIG-IP
                         12 December 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              BIG-IP
Operating System:     Network Appliance
Impact/Access:        Denial of Service   -- Remote/Unauthenticated
                      Reduced Security    -- Existing Account
Resolution:           Patch/Upgrade
CVE Names:            CVE-2012-0248 CVE-2012-0247 CVE-2011-4313
Member content until: Friday, January 11 2013
Reference:            ASB-2012.0093 ESB-2012.0247 ASB-2011.0102

OVERVIEW

        F5 has released a new hotfix for BIG-IP.

IMPACT

        Multiple security fixes are included in the latest hotfix:

        "BIND has been updated to 9.6-ESV-R5-P1 to mitigate
        CVE-2011-4313." [1]

        "The WebAccelerator module is no longer susceptible to issues
        described in CVE-2012-0247 and CVE-2012-0248." [1]

        The following additional information is available from the
        previous AusCERT bulletins:

        CVE-2011-4313:
        "Various organisations have reported to ISC that their BIND 9
        servers have been crashing after performing recursive queries.
        ISC has stated that the problem is that BIND would cache an
        invalid record for which subsequent queries would trigger the
        crash." [2]

        CVE-2012-0247:
        "When parsing a maliciously crafted image with incorrect offset
        and count in the ResolutionUnit tag in EXIF IFD0, ImageMagick
        writes two bytes to an invalid address." [3]

        CVE-2012-0248:
        "Parsing a maliciously crafted image with an IFD all of whose IOP
        tag value offsets point to the beginning of the IFD itself
        results in an endless loop and a denial of service." [3]

MITIGATION

        Customers should install BIG-IP 11.2.0 HF3.
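        The two ImageMagick descriptions above name the same class of
        EXIF parsing defect: trusting the offset and count fields of an
        IFD entry. As an added illustration, not code from AusCERT, F5
        or ImageMagick and not a reproduction of the ImageMagick code
        path, the Python below walks a TIFF/EXIF IFD chain with the two
        checks those descriptions imply. Every value offset/count pair
        is bounds-checked against the buffer before it is used (the
        CVE-2012-0247 case), and sub-IFD pointers are tracked so that an
        Interoperability (IOP) pointer leading back to an IFD already
        walked is rejected instead of followed (the CVE-2012-0248 case).
        Tag numbers and type sizes are the standard TIFF/EXIF values;
        the function names, the MAX_IFDS cap and the three sample files
        are constructed for this example and are not taken from the
        advisory.

```python
import struct

# TIFF field type -> size in bytes (standard TIFF 6.0 / EXIF values).
TYPE_SIZES = {1: 1, 2: 1, 3: 2, 4: 4, 5: 8, 7: 1, 9: 4, 10: 8}
TAG_RESOLUTION_UNIT = 0x0128   # spec: exactly one SHORT
TAG_EXIF_IFD = 0x8769          # pointer to the Exif sub-IFD
TAG_INTEROP_IFD = 0xA005       # pointer to the Interoperability (IOP) sub-IFD
SUB_IFD_TAGS = {TAG_EXIF_IFD, TAG_INTEROP_IFD}
MAX_IFDS = 32                  # hypothetical hard cap on IFDs per file


class MalformedTiff(ValueError):
    """Raised instead of reading or writing through an untrusted offset."""


def parse_tiff(buf: bytes) -> dict:
    """Return {ifd_offset: {tag: raw_value_bytes}} for IFD0 and every Exif /
    Interop sub-IFD reachable from it. Any value offset outside the buffer,
    and any IFD pointer leading back to an IFD already walked, is rejected."""
    if len(buf) < 8:
        raise MalformedTiff("short header")
    end = {b"II": "<", b"MM": ">"}.get(buf[:2])
    if end is None:
        raise MalformedTiff("bad byte order mark")
    magic, ifd0 = struct.unpack(end + "HI", buf[2:8])
    if magic != 42:
        raise MalformedTiff("bad magic")
    result, visited, pending = {}, set(), [ifd0]
    while pending:
        off = pending.pop()
        # CVE-2012-0248 pattern: an IOP pointer whose value is the offset of
        # the IFD it sits in (or of any visited IFD) would recurse forever.
        if off in visited:
            raise MalformedTiff(f"IFD at 0x{off:x} referenced twice (cycle)")
        if len(visited) >= MAX_IFDS:
            raise MalformedTiff("too many IFDs")
        visited.add(off)
        if off + 2 > len(buf):
            raise MalformedTiff(f"IFD offset 0x{off:x} outside buffer")
        (n,) = struct.unpack_from(end + "H", buf, off)
        if off + 2 + 12 * n + 4 > len(buf):
            raise MalformedTiff(f"IFD at 0x{off:x} truncated")
        entries = {}
        for i in range(n):
            tag, typ, count, raw = struct.unpack_from(end + "HHI4s", buf, off + 2 + 12 * i)
            if typ not in TYPE_SIZES:
                raise MalformedTiff(f"tag 0x{tag:04x}: unknown type {typ}")
            size = TYPE_SIZES[typ] * count
            if size <= 4:
                value = raw[:size]          # value is stored inline in the entry
            else:
                (voff,) = struct.unpack(end + "I", raw)
                # CVE-2012-0247 pattern: offset/count pair not inside the file.
                if voff + size > len(buf):
                    raise MalformedTiff(
                        f"tag 0x{tag:04x}: value 0x{voff:x}+{size} outside buffer")
                value = buf[voff:voff + size]
            if tag == TAG_RESOLUTION_UNIT and (typ != 3 or count != 1):
                raise MalformedTiff("ResolutionUnit must be exactly one SHORT")
            if tag in SUB_IFD_TAGS:
                if typ != 4 or count != 1:
                    raise MalformedTiff(f"tag 0x{tag:04x}: IFD pointer must be one LONG")
                pending.append(struct.unpack(end + "I", value)[0])
            entries[tag] = value
        result[off] = entries
    return result


def check(buf: bytes) -> str:
    """'ok' if the file parses, otherwise 'rejected: <reason>'."""
    try:
        parse_tiff(buf)
        return "ok"
    except MalformedTiff as exc:
        return f"rejected: {exc}"


# --- constructed sample inputs: little-endian TIFF, IFD0 at offset 8 --------
def _ifd(entries, next_ifd=0) -> bytes:
    out = struct.pack("<H", len(entries))
    for tag, typ, count, val in entries:
        out += struct.pack("<HHI", tag, typ, count) + val.ljust(4, b"\0")
    return out + struct.pack("<I", next_ifd)

HEADER = b"II" + struct.pack("<HI", 42, 8)
INTEROP_OFF = 8 + (2 + 2 * 12 + 4)   # IFD0 with two entries ends at byte 38
IFD0 = _ifd([(TAG_RESOLUTION_UNIT, 3, 1, struct.pack("<H", 2)),
             (TAG_INTEROP_IFD, 4, 1, struct.pack("<I", INTEROP_OFF))])

def sample_benign() -> bytes:
    return HEADER + IFD0 + _ifd([(0x0001, 2, 4, b"R98\0")])   # InteropIndex

def sample_interop_loop() -> bytes:
    # IOP IFD whose own 0xA005 entry points back at that IFD's first byte.
    return HEADER + IFD0 + _ifd([(TAG_INTEROP_IFD, 4, 1, struct.pack("<I", INTEROP_OFF))])

def sample_bad_resolution_unit() -> bytes:
    # count 3 -> 6 bytes, so the entry carries an offset; aim it outside the file.
    return HEADER + _ifd([(TAG_RESOLUTION_UNIT, 3, 3, struct.pack("<I", 0x7FFFFFF0))])

if __name__ == "__main__":
    for name, fn in [("benign", sample_benign), ("IOP loop", sample_interop_loop),
                     ("bad ResolutionUnit", sample_bad_resolution_unit)]:
        print(f"{name:20s} {check(fn())}")
```

        The visited-set check is what turns the self-referencing IOP
        pointer into an immediate rejection; the length check before the
        slice is what keeps a bad ResolutionUnit offset from ever being
        dereferenced. A parser that follows the pointer first and
        validates afterwards has already done the dangerous read.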
REFERENCES

        [1] Release Note: BIG-IP LTM and TMOS version 11.2.0
            http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-2-0.html

        [2] ASB-2011.0102 - ALERT [Win][UNIX/Linux] BIND: Denial of service -
            Remote/unauthenticated
            https://auscert.org.au/15104

        [3] ESB-2012.0247 - [Win][UNIX/Linux][Debian] imagemagick: Multiple
            vulnerabilities
            https://auscert.org.au/15561

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision
to follow or act on information or advice contained in this security
bulletin is the responsibility of each user or organisation, and should be
considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUMgW2O4yVqjM2NGpAQKL2Q/+NeD4hJVOExht4FVf7tfBEOE7pl/2XXay
Q9D0ZojwMMV4mJNJ29bT2KeAcl57/ceA7kxJVNiC8vaYvVLLoLnTVtG4raWQoLRh
jHcU4yNAaHmKXNQo6LrGfG18Go2qVs3gX8EJNoU3Iut4YClDPDzwRx65idibd1RI
3kfpdR6gIE1SYI1BxI3g8P/6cG+ay6u/lQEL6eCUQc4qNDSd5apzxx1L7EYAQJ/c
a+uNkxXt/ExUmMqp5lDTPxT0UOyjy0sFCgNIa0yeUUnfMhZmTPQof6hYb7z33su7
A6AJ9EIo5irKPvFb3r63GBCQe90zmQEbRnVCVGfmV8B5JbpNCjUpZpCcwEL2u0JJ
ivpdcWSCUtNSOiZQ1U1db7QYXGlEaCm9TDSnztgrDhDQnD46dKTrjtNPzLftcjvX
6vYAivtLPZqaBF7WtzZE68iEXgtudqAq7yKmHdpZbWRCzF2gw2CY9MFruvpdqLeN
M5yNoZBikIg2Ak5Vl857WJnRniBCUMu7H0uoWW5ZBHOMJR9sH8pcvHjVzoC2EdRJ
WEHcoHGm1nVSk0bIxdg/GFRsddyHKAcYVl5E+eFLZftY4GBGmEKDH0IZqLuIik5F
sC1REpj8S6shxgVFLHs+alV0UpFcOh02bfz08vhM7I3P88UpwpwuCDjMJ/Untl52
dyOXoUaVxJo=
=BkpL
-----END PGP SIGNATURE-----