For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

GHUG_105220's avatar
GHUG_105220
Icon for Nimbostratus rankNimbostratus
Feb 04, 2011

OpenSSH Version upgrade on BIGIP LTM

We had an external auditors come in and they alarmed us about a OpenSSH X11 Forward Session Hijacking vulerability that was present on our production LTM's. This issue is documented here: http://www.n...
BIG-IP Access Policy Manager (APM)
remote access
security
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Feb 05, 2011
Hi,

 

 

Upgrading the packages on LTM is only supported as part of an OS upgrade. F5 generally issues updates for security fixes affecting the platform fairly quickly. In this case, it was determined that LTM is not vulnerable to this exploit. X11 forwarding isn't enabled by default in F5's sshd_config.

 

 

SOL9107: OpenSSH vulnerability CVE-2008-1483

 

http://support.f5.com/kb/en-us/solutions/public/9000/100/sol9107.html

 

 

Aaron

 

Aaron