QwikSec

Security Database

CVE

CWE

Training

CVE-2016-9244

Published: Feb 9, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.

Vendor	Product	Versions
F5 Networks	F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, PEM, PSM	affected `11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2`

References

https://support.f5.com/csp/article/K05121675

x_refsource_CONFIRM

exploit

x_refsource_EXPLOIT-DB

https://filippo.io/Ticketbleed/

x_refsource_MISC

vdb-entry

x_refsource_BID

https://blog.filippo.io/finding-ticketbleed/

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html

x_refsource_MISC

https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.