ID de Prueba:	1.3.6.1.4.1.25623.1.0.107207
Categoría:	F5 Local Security Checks
Título:	F5 BIG-IP - TMM vulnerability CVE-2017-6137
Resumen:	Undisclosed traffic patterns received while software SYN cookie protection is; engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and; configurations. (CVE-2017-6137)
Descripción:	Summary: Undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disruption of service to the Traffic Management Microkernel (TMM) on specific platforms and configurations. (CVE-2017-6137) Vulnerability Impact: When software syncookie protection is activated for a virtual server (the connection.syncookies.threshold database value has been exceeded), and the unit also has the Traffic Management Microkernel (TMM) fast forward enabled (the tmm.ffwd.enable database value is true, the default), and TCP Segmentation Offload (TSO) is enabled (the tm.tcpsegmentationoffload database value is true, the default) a specific sequence of packets causes TMM to generate an egress packet with an invalid MSS. As a result, packets egressing the BIG-IP system with an invalid MSS may be dropped by a neighboring device. Additionally, on the 3900, 6900, 8900, 8950, 11000, and 11050 platforms this may cause the high-speed bridge (HSB) to lock up. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6137 http://www.securitytracker.com/id/1038409
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.