Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5 security vulnerability response policy.F5 products and versions that have been evaluated for this Security Advisory
Product | Affected | Not Affected |
---|---|---|
BIG-IP LTM | 9.0.0 - 9.0.5 | 9.1.x |
9.2.x | ||
9.3.x | ||
9.4.x | ||
9.6.x | ||
10.x | ||
11.x | ||
BIG-IP GTM | None | 9.x |
10.x | ||
11.x | ||
BIG-IP ASM | None | 9.x |
10.x | ||
11.x | ||
BIG-IP Link Controller | None | 9.x |
10.x | ||
11.x | ||
BIG-IP WebAccelerator | None | 9.x |
10.x | ||
11.x | ||
BIG-IP PSM | None | 9.x |
10.x | ||
11.x | ||
BIG-IP WAN Optimization | None | 10.x |
11.x | ||
BIG-IP APM | None | 10.x |
11.x | ||
BIG-IP Edge Gateway | None | 10.x |
11.x | ||
BIG-IP Analytics | None | 11.x |
BIG-IP AFM | None | 11.x |
BIG-IP PEM | None | 11.x |
FirePass | None | 5.x |
6.x | ||
7.x | ||
Enterprise Manager | None | 1.x |
2.x | ||
3.x | ||
Vulnerability description | ||
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | ||
Information about this advisory is available at the following location: | ||
<https://vulners.com/cve/CVE-2005-0356> | ||
F5 Product Development tracked this issue as CR46832, CR46833, and CR46834 and it was fixed in BIG-IP 9.1.0. For information about upgrading, refer to the BIG-IP LTM Release Notes. |