===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2013.0177
               sol14190: TLS / DTLS 'Lucky 13' vulnerability
                             11 February 2013

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           BIG-IP LTM
                   BIG-IP AFM
                   BIG-IP Analytics
                   BIG-IP APM
                   BIG-IP ASM
                   BIG-IP Edge Gateway
                   BIG-IP GTM
                   BIG-IP Link Controller
                   BIG-IP PEM
                   BIG-IP PSM
                   BIG-IP WebAccelerator
                   BIG-IP WOM
                   ARX
                   Enterprise Manager
                   FirePass
Publisher:         F5
Operating System:  Network Appliance
Impact/Access:     Access Confidential Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2013-0169  

Reference:         ESB-2013.0161

Original Bulletin: 
   http://support.f5.com/kb/en-us/solutions/public/14000/100/sol14190.html

---------------------------BEGIN INCLUDED TEXT--------------------

sol14190: TLS / DTLS 'Lucky 13' vulnerability CVE-2013-0169 

Security Advisory

Original Publication Date: 02/08/2013

Description

A vulnerability exists in the TLS and DTLS protocols that may allow an attacker
to recover plaintext from TLS / DTLS connections that use CBC-mode encryption.

Note: Stream ciphers, such as RC4, are not vulnerable to this issue.

Impact

The vulnerability may allow an attacker to recover plaintext from TLS / DTLS 
connections.

Status

F5 Product Development has assigned ID 407706 (BIG-IP and Enterprise Manager), 
ID 410613 (FirePass), and ID 410742 (ARX) to this vulnerability. To find out 
whether F5 has determined that your release is vulnerable, and to obtain 
information about releases or hotfixes that resolve the vulnerability, refer to
the following table:

Product                 Versions known to      Versions known to    Vulnerable component
                        be vulnerable          be not vulnerable    or feature

BIG-IP LTM              9.0.0 - 9.6.1          None                 Configuration utility
                        10.0.0 - 10.2.4                             SSL virtual servers
                        11.0.0 - 11.3.0

BIG-IP AFM              11.3.0                 None                 Configuration utility
                                                                    SSL virtual servers

BIG-IP Analytics        11.0.0 - 11.3.0        None                 Configuration utility

BIG-IP APM              10.1.0 - 10.2.4        None                 Configuration utility
                        11.0.0 - 11.3.0                             SSL virtual servers

BIG-IP ASM              9.2.0 - 9.4.8          None                 Configuration utility
                        10.0.0 - 10.2.4                             SSL virtual servers
                        11.0.0 - 11.3.0

BIG-IP Edge Gateway     10.1.0 - 10.2.4        None                 Configuration utility
                        11.0.0 - 11.3.0                             SSL virtual servers

BIG-IP GTM              9.2.2 - 9.4.8          None                 Configuration utility
                        10.0.0 - 10.2.4
                        11.0.0 - 11.3.0

BIG-IP Link Controller  9.2.2 - 9.4.8          None                 Configuration utility
                        10.0.0 - 10.2.4                             SSL virtual servers
                        11.0.0 - 11.3.0

BIG-IP PEM              11.3.0                 None                 Configuration utility
                                                                    SSL virtual servers

BIG-IP PSM              9.4.5 - 9.4.8          None                 Configuration utility
                        10.0.0 - 10.2.4                             SSL virtual servers
                        11.0.0 - 11.3.0

BIG-IP WebAccelerator   9.4.0 - 9.4.8          None                 Configuration utility
                        10.0.0 - 10.2.4                             SSL virtual servers
                        11.0.0 - 11.3.0

BIG-IP WOM              10.0.0 - 10.2.4        None                 Configuration utility
                        11.0.0 - 11.3.0                             SSL virtual servers

ARX                     5.0.0 - 5.3.1          None                 ARX Manager GUI
                        6.0.0 - 6.3.0                               API (disabled by default)

Enterprise Manager      1.6.0 - 1.8.0          None                 Configuration utility
                        2.0.0 - 2.3.0
                        3.0.0 - 3.1.0

FirePass                6.0.0 - 6.1.0          None                 Administrative interface
                        7.0.0                                       WebServices

Recommended action

    BIG-IP
    FirePass
    Enterprise Manager
    ARX

BIG-IP

The following section describes affected BIG-IP components and how to protect 
the components from potential exploit.

    The Configuration utility

    The BIG-IP Configuration utility is vulnerable. To mitigate potential
    exploit, F5 recommends that you limit network access to the MGMT
    interface to a secure, management-only network.

    It is also possible to change the default cipher string for the BIG-IP
    Configuration utility. For example, to change the cipher string for the
    Configuration utility to use the RC4-SHA cipher, refer to the following
    commands:

    BIG-IP 10.x - 11.x

        tmsh modify /sys httpd ssl-ciphersuite RC4-SHA

    BIG-IP 9.4.x

        bigpipe httpd sslciphersuite RC4-SHA

    SSL virtual servers

        SSL virtual servers on F5 hardware appliances and blades

        SSL virtual servers running on F5 hardware appliances and blades are
        not vulnerable. If you have an F5 hardware appliance or blade, F5
        recommends using the default cipher string for clientSSL profiles. To
        verify the cipher string, navigate to Local Traffic > Profiles > SSL >
        Client > {profile_name} > Configuration > Advanced > Ciphers.
        If the cipher string is set to DEFAULT, the virtual server is not
        vulnerable.

        SSL virtual servers on F5 virtual editions (VE)

        SSL virtual servers running on F5 virtual editions (VE) are vulnerable.
        To mitigate this vulnerability, configure the client-side SSL profile
        to prefer RC4-SHA ciphers. To do so, perform the "Configuring the SSL
        profile to prefer RC4 ciphers" procedure:

Configuring the SSL profile to prefer RC4 ciphers

To configure the SSL profile to prefer RC4-SHA ciphers, perform the following 
procedure:

Impact of workaround: Changing the ciphers supported by the SSL profile may 
result in clients being unable to establish an SSL connection.

    1.  Log in to the Configuration utility.

    2.  Click Local Traffic.

    3.  Click Profiles.

    4.  Choose Client from the SSL drop-down menu.

    5.  Click Create.

    6.  Type a name for the SSL profile.

    7.  Choose clientssl from the Parent Profile drop-down menu.

    8.  Choose Advanced from the Configuration drop-down menu.

    9.  Click the Custom box for Ciphers.

    10. Delete the DEFAULT cipher string from the Ciphers box.

    11. Enter the desired cipher string in the Ciphers box.

        For example, the following string would configure an SSL profile to use
        the Native SSL stack and prefer RC4-SHA ciphers:

        RC4-SHA:NATIVE:!EXP:!DES:!MD5

    12. Click Finished.

        You must now associate the SSL profile with the virtual server.
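To see what the cipher string in step 11 actually does to the offered suite list and its preference order, here is an added Python example (not F5's code and not part of the advisory) that applies OpenSSL-style cipher-string rules to a constructed suite catalogue; the catalogue and the NATIVE/DEFAULT keyword expansions are assumptions made for illustration.

```python
# Added example, not F5's code: apply an OpenSSL/F5-style cipher string to a
# constructed suite catalogue and report the preference order and which of the
# surviving suites are CBC-mode (the Lucky 13 exposure). The catalogue and the
# NATIVE/DEFAULT keyword expansions are assumptions, not F5's real tables.
from typing import Dict, List, Set, Tuple

# suite name -> (component tags, cipher mode); constructed for illustration
CATALOGUE: Dict[str, Tuple[Set[str], str]] = {
    "AES256-SHA":   ({"AES", "SHA", "RSA"},        "CBC"),
    "AES128-SHA":   ({"AES", "SHA", "RSA"},        "CBC"),
    "DES-CBC3-SHA": ({"3DES", "SHA", "RSA"},       "CBC"),
    "RC4-SHA":      ({"RC4", "SHA", "RSA"},        "stream"),
    "RC4-MD5":      ({"RC4", "MD5", "RSA"},        "stream"),
    "DES-CBC-SHA":  ({"DES", "SHA", "RSA"},        "CBC"),
    "EXP-RC4-MD5":  ({"RC4", "MD5", "RSA", "EXP"}, "stream"),
}
# Assumed expansion of the stack keywords: catalogue order, CBC suites first.
KEYWORDS = {"NATIVE": list(CATALOGUE), "DEFAULT": list(CATALOGUE)}


def _matches(suite: str, token: str) -> bool:
    """Match by exact name, keyword membership, or every '+'-joined tag."""
    if token in KEYWORDS:
        return suite in KEYWORDS[token]
    return suite == token or all(t in CATALOGUE[suite][0] for t in token.split("+"))


def apply_cipher_string(cipher_string: str) -> List[str]:
    """Enabled suites in preference order. Plain tokens append matches in
    order of first mention, '!' removes matches permanently, '-' removes
    them until a later token adds them back (OpenSSL cipher-list rules)."""
    enabled: List[str] = []
    killed: Set[str] = set()
    for token in cipher_string.split(":"):
        if token.startswith("!"):
            killed.update(s for s in CATALOGUE if _matches(s, token[1:]))
            enabled = [s for s in enabled if s not in killed]
        elif token.startswith("-"):
            enabled = [s for s in enabled if not _matches(s, token[1:])]
        else:
            for s in KEYWORDS.get(token, list(CATALOGUE)):
                if _matches(s, token) and s not in enabled and s not in killed:
                    enabled.append(s)
    return enabled


def cbc_suites(cipher_string: str) -> List[str]:
    """CBC-mode suites the string still offers, in preference order."""
    return [s for s in apply_cipher_string(cipher_string) if CATALOGUE[s][1] == "CBC"]
```

With the modelled DEFAULT string the first suite is CBC-mode, whereas with RC4-SHA:NATIVE:!EXP:!DES:!MD5 RC4-SHA is negotiated first and the CBC suites remain only as fallback; excluding them as well (for example appending :!AES:!3DES) is what leaves clients without RC4-SHA unable to connect, which is the "Impact of workaround" noted above.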

FirePass

To protect the FirePass Controller Administrator interface from potential
exploit, perform the following procedure:

Changing the cipher string for the FirePass Administrator interface

Impact of procedure: Changing the cipher string may prevent some connections to
the Administrator interface.

    1. Log in to the FirePass Administrator interface.

    2. Navigate to Device Management > Security > User Access Security page >
       SSL Cipher Security.

    3. Click Medium-Grade Security.

    4. Click Apply.

Enterprise Manager

To protect the Enterprise Manager Configuration utility from potential exploit,
F5 recommends that you limit network access to the MGMT interface to a secure, 
management-only network.

It is also possible to change the default cipher string for the Enterprise 
Manager Configuration utility. For example, to change the cipher string for the
Configuration utility to use the RC4-SHA cipher, refer to the following 
commands:

Enterprise Manager 3.x

tmsh modify /sys httpd ssl-ciphersuite RC4-SHA

Enterprise Manager 2.x

bigpipe httpd sslciphersuite RC4-SHA

ARX

The following section describes how to protect the ARX Manager GUI from 
potential exploit (6.2.0 and later).

Changing the ARX Manager GUI cipher string (6.2.0 and later)

To change the ARX Manager GUI cipher string, perform the following procedure:

Impact of procedure: Changing the cipher string may prevent some connections to
the ARX Manager GUI.

    1. Log in to the ARX CLI.

    2. Enable privileged mode by typing the following command:

       enable

    3. Enable config mode by typing the following command:

       config

    4. Enter ssl mode by entering the following command:

       ssl

    5. Change the cipher string by entering the following command:

       cipher ssl-rsa-with-rc4-128-sha

    6. Exit from the menu by entering the following command:

       end

Acknowledgments

F5 would like to acknowledge Nadhem J. AlFardan and Kenneth G. Paterson of the
Information Security Group Royal Holloway, University of London for bringing 
this issue to our attention, and for following the highest standards of 
responsible disclosure.

Supplemental Information

    CVE-2013-0169
    http://www.isg.rhul.ac.uk/tls/
    SOL8802: Using SSL ciphers with BIG-IP Client SSL and Server SSL profiles
    SOL13405: Restricting Configuration utility access to clients using high encryption SSL ciphers (11.x)
    SOL6768: Restricting Configuration utility access to clients using high encryption SSL ciphers (9.x - 10.x)
    SOL9970: Subscribing to email notifications regarding F5 products
    SOL9957: Creating a custom RSS feed to view new and updated documents
    SOL4602: Overview of the F5 security vulnerability response policy
    SOL4918: Overview of the F5 critical issue hotfix policy
    SOL9502: BIG-IP hotfix matrix
    SOL10322: FirePass hotfix matrix
    SOL12766: ARX hotfix matrix

---------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================