Vulnerability CVE-2016-9244

Vulnerability CVE-2016-9244

Published: 2017-02-09

Description:

	Topic	Author	Date
Med.	F5 BIG-IP 11.6 SSL Virtual Server Ticketbleed Memory Disclosure	@0x00string	12.04.2018

Type:

(Information Exposure)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Affected software
F5 -> Big-ip local traffic manager
F5 -> Big-ip application acceleration manager
F5 -> Big-ip advanced firewall manager
F5 -> Big-ip global traffic manager
F5 -> Big-ip analytics
F5 -> Big-ip access policy manager
F5 -> Big-ip application security manager
F5 -> Big-ip policy enforcement manager
F5 -> Big-ip link controller
F5 -> Big-ip protocol security manager
F5 -> Big-ip protocol security module

http://packetstormsecurity.com/files/141017/Ticketbleed-F5-TLS-Information-Disclosure.html

http://www.securityfocus.com/bid/96143

http://www.securitytracker.com/id/1037800

https://blog.filippo.io/finding-ticketbleed/

https://filippo.io/Ticketbleed/

https://github.com/0x00string/oldays/blob/master/CVE-2016-9244.py

https://support.f5.com/csp/article/K05121675

https://www.exploit-db.com/exploits/41298/