Forum Discussion
K000137322: BIG-IP iRule or LTM policy may generate multiple HTTP redirect responses
Since I didn't almost miss the announcement of this vulnerability, I want to share it again here.
Have you already mitigations in place? Request smuggling is not a completely new problem.
- John_AdamsNimbostratus
I'm working on this now. I wrote a Perl script to parse an excerpt from bigip.conf--all the entries beginning "ltm virtual "--and generate commands to modify all the virtual servers with an affected iRule. That's my naïve approach to it.
What I'm not totally clear on is two-fold: How serious is this issue and how effective is this mitigation?
- NandhiCirrus
Any fixed release for this vulnerability? or still relying on irule. thanks.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com