Lucene search
This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL68401558.NASLHistoryNov 03, 2016 - 12:00 a.m.
F5 Networks BIG-IP : BIG-IP virtual server TCP sequence numbers vulnerability (K68401558)
2016-11-0300:00:00
This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
60
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.1%
Attackers in a privileged network position may be able to obtain TCP sequence numbers (SEQ) from the BIG-IP system for a short period of time (up to 4 seconds) that will be reused in future connections with the same source and destination port and IP numbers.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K68401558.
#
# The text description of this plugin is (C) F5 Networks.
#
include("compat.inc");
if (description)
{
script_id(94480);
script_version("2.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/07");
script_cve_id("CVE-2002-1463");
script_name(english:"F5 Networks BIG-IP : BIG-IP virtual server TCP sequence numbers vulnerability (K68401558)");
script_summary(english:"Checks the BIG-IP version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"Attackers in a privileged network position may be able to obtain TCP
sequence numbers (SEQ) from the BIG-IP system for a short period of
time (up to 4 seconds) that will be reused in future connections with
the same source and destination port and IP numbers."
);
script_set_attribute(
attribute:"see_also",
value:"https://support.f5.com/csp/article/K14779"
);
script_set_attribute(
attribute:"see_also",
value:"https://support.f5.com/csp/article/K68401558"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution K68401558."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"vuln_publication_date", value:"2003/06/09");
script_set_attribute(attribute:"patch_publication_date", value:"2016/11/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/03");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"F5 Networks Local Security Checks");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");
exit(0);
}
include("f5_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
sol = "K68401558";
vmatrix = make_array();
if (report_paranoia < 2) audit(AUDIT_PARANOID);
# AFM
vmatrix["AFM"] = make_array();
vmatrix["AFM"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["AFM"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# AM
vmatrix["AM"] = make_array();
vmatrix["AM"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["AM"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["APM"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["ASM"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# AVR
vmatrix["AVR"] = make_array();
vmatrix["AVR"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["AVR"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# GTM
vmatrix["GTM"] = make_array();
vmatrix["GTM"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["GTM"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["LC"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["LTM"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
# PEM
vmatrix["PEM"] = make_array();
vmatrix["PEM"]["affected" ] = make_list("12.0.0","11.5.0-11.6.1");
vmatrix["PEM"]["unaffected"] = make_list("12.1.0","12.0.0HF1","11.6.1HF1");
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = bigip_get_tested_modules();
audit_extra = "For BIG-IP module(s) " + tested + ",";
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | cpe:/a:f5:big-ip_access_policy_manager | |
| f5 | big-ip_advanced_firewall_manager | cpe:/a:f5:big-ip_advanced_firewall_manager | |
| f5 | big-ip_application_acceleration_manager | cpe:/a:f5:big-ip_application_acceleration_manager | |
| f5 | big-ip_application_security_manager | cpe:/a:f5:big-ip_application_security_manager | |
| f5 | big-ip_application_visibility_and_reporting | cpe:/a:f5:big-ip_application_visibility_and_reporting | |
| f5 | big-ip_global_traffic_manager | cpe:/a:f5:big-ip_global_traffic_manager | |
| f5 | big-ip_link_controller | cpe:/a:f5:big-ip_link_controller | |
| f5 | big-ip_local_traffic_manager | cpe:/a:f5:big-ip_local_traffic_manager | |
| f5 | big-ip_policy_enforcement_manager | cpe:/a:f5:big-ip_policy_enforcement_manager | |
| f5 | big-ip | cpe:/h:f5:big-ip |
Related
openvas
openvas
F5 BIG-IP - BIG-IP virtual server TCP sequence numbers vulnerability
2016-11-03 00:00:00
TCP/IP Predictable TCP Initial Sequence Number Vulnerability
2013-04-22 00:00:00
cve
cve
CVE-2002-1463
2004-09-01 04:00:00
nvd
nvd
CVE-2002-1463
2003-06-09 04:00:00
f5
f5
SOL68401558 - BIG-IP virtual server TCP sequence numbers vulnerability
2016-11-02 00:00:00
K68401558 : BIG-IP virtual server TCP sequence numbers vulnerability
2016-11-02 00:00:00
cvelist
cvelist
CVE-2002-1463
2004-09-01 04:00:00
nessus
nessus
TCP/IP Initial Sequence Number (ISN) Reuse Weakness
2002-08-02 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.1%
Related for F5_BIGIP_SOL68401558.NASL