F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

GHUG_105220's avatar
GHUG_105220
Icon for Nimbostratus rankNimbostratus
Feb 04, 2011

OpenSSH Version upgrade on BIGIP LTM

We had an external auditors come in and they alarmed us about a OpenSSH X11 Forward Session Hijacking vulerability that was present on our production LTM's. This issue is documented here: http://www.n...
BIG-IP Access Policy Manager (APM)
remote access
security
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Feb 04, 2011
Hi,

 

 

Upgrading the packages on LTM is only supported as part of an OS upgrade. F5 generally issues updates for security fixes affecting the platform fairly quickly. In this case, it was determined that LTM is not vulnerable to this exploit. X11 forwarding isn't enabled by default in F5's sshd_config.

 

 

SOL9107: OpenSSH vulnerability CVE-2008-1483

 

http://support.f5.com/kb/en-us/solutions/public/9000/100/sol9107.html

 

 

Aaron

 

Aaron