BIND Allow Version Request

svinoth,

 

 

1) if you search askf5.com you will see that certain HFs address BIND issues so I'd check this out as it details versions not at risk. Would be a good start

 

2) do you have a CVE for this? if so you can also enter it in to askf5 to see what the mitigation will be

 

2) and 3) it may be that both of these will be mitigated by amending the Ciphers in the SSL Client Profile and disallowing weak / low strength ciphers.

 

 

Hope this helps.

 

N

(2588513) TLS-SSL Server Blockwise Chosen-Boundary Browser Weakness (CVE-2011-3389)

 

 

Recommendation:

 

Remediation and workarounds vary per implementation of the protocols.

 

TLS versions 1.1 and later are not vulnerable.

 

Update TLS/SSL Server 1.1 or later.

 

Vendor specific:

 

Opera - http://www.opera.com/

 

Google Chrome - http://www.chromium.org/getting-involved/dev-channel

 

Mozilla Firefox - http://www.mozilla.org/en-US/firefox/fx/

 

Microsoft Internet Explorer - http://windows.microsoft.com/en-US/internet-explorer/products/ie/home

 

Apple Safari - http://www.apple.com/safari/

svinoth

 

 

Here's the F5 KB on this:

 

 

http://support.f5.com/kb/en-us/solutions/public/13000/400/sol13400.html?sr=28055070

 

 

Rgds

 

N