{"id":4298,"date":"2017-11-22T00:28:00","date_gmt":"2017-11-21T23:28:00","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=4298"},"modified":"2017-11-21T19:28:59","modified_gmt":"2017-11-21T18:28:59","slug":"critical-patch-for-f5-big-ip-appliances","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/11\/22\/critical-patch-for-f5-big-ip-appliances\/","title":{"rendered":"Critical Patch for F5 Big-IP-Appliances"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\">Big-IP-Appliances (Firewalls, Load-Balancer) from F5.com have a security vulnerability that allows third parties to break and read SSL connections. An update for the critical vulnerability is available.<\/p>\n<p><!--more--><\/p>\n<p>This info only applies to administrators in corporate environments, using Big-IP-Appliances (Firewalls, Load-Balancer etc.) from <a href=\"https:\/\/f5.com\/de\/products\/big-ip\" target=\"_blank\">F5.com<\/a> within corporate networks. Nick Sullivan informed within <a href=\"https:\/\/twitter.com\/grittygrease\/status\/931782907693322241\" target=\"_blank\">this Tweet<\/a> about a security bug.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p lang=\"en\" dir=\"ltr\">It's hard to overstate how bad this F5 bug is. It's basically DROWN without needing SSLv2. If you have a vulnerable F5, anyone can sign things with your RSA private key. Bleichenbacher strikes again. <a href=\"https:\/\/t.co\/sIdpsA3w5I\">https:\/\/t.co\/sIdpsA3w5I<\/a><\/p>\n<p>\u2014 Nick Sullivan (@grittygrease) <a href=\"https:\/\/twitter.com\/grittygrease\/status\/931782907693322241?ref_src=twsrc%5Etfw\">18. November 2017<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/p>\n<p>F5.com support has published <a href=\"https:\/\/support.f5.com\/csp\/article\/K21905460\" target=\"_blank\">this document<\/a> dealing with details about the vulnerability CVE-2017-6168. This document names also affected products and their software versions. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Big-IP-Appliances (Firewalls, Load-Balancer) from F5.com have a security vulnerability that allows third parties to break and read SSL connections. An update for the critical vulnerability is available.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580],"tags":[69],"class_list":["post-4298","post","type-post","status-publish","format-standard","hentry","category-security","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/4298","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=4298"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/4298\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=4298"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=4298"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=4298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}