For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Paul_Roberts_16's avatar
Paul_Roberts_16
Icon for Nimbostratus rankNimbostratus
Jun 09, 2014

SSL irregularities in 10.2.4/11.4.1 LTMs. Vulnerable to Heartbleed or not?

So our network security team regularly sweeps our network looking for unpatched issues, and this week we recieved a whole pile of alerts about our LTMs and GTMs for the Heartbleed vulnerability on po...
application delivery
BIG-IP DNS
LTM
management
security
mimlo_61970's avatar
mimlo_61970
Icon for Cumulonimbus rankCumulonimbus
Jun 09, 2014

Try running strings against /usr/sbin/big3d and see what you get. I only have an 11.2.1 gtm/ltm available, but it appears to have been compiled with 0.9.8y. I also do not see the heartbeat extension listed as available on port 4353

strings /usr/sbin/big3d | grep OpenSSL

TLSv1 part of OpenSSL 0.9.8y 5 Feb 2013
OpenSSL 0.9.8y 5 Feb 2013
SSLv2 part of OpenSSL 0.9.8y 5 Feb 2013
SSLv3 part of OpenSSL 0.9.8y 5 Feb 2013
....