Details of VAR-201606-0391

ID

VAR-201606-0391

CVE

CVE-2016-4429

TITLE

GNU C Library of sunrpc/clnt_udp.c of clntudp_call Function vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2016-003093

DESCRIPTION

Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. GNU glibc is prone to a remote denial-of-service vulnerability. Successful exploits may allow an attacker to crash the application or to consume excessive memory resources, resulting in a denial-of-service condition. Due to the nature of this issue arbitrary code execution may be possible, but this has not been confirmed. GNU glibc 2.24 is vulnerable; other versions may also be affected. Note: libtirpc is also affected. (CVE-2016-4429) It was discovered that libtirpc incorrectly handled certain inputs. (CVE-2018-14622) It was discovered that libtirpc incorrectly handled certain strings. =========================================================================== Ubuntu Security Notice USN-3239-2 March 21, 2017 eglibc, glibc regression =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: USN-3239-1 introduced a regression in the GNU C Library. Software Description: - glibc: GNU C Library - eglibc: GNU C Library Details: USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience. Please note that long-running services that were restarted to compensate for the USN-3239-1 update may need to be restarted again. Original advisory details: It was discovered that the GNU C Library incorrectly handled the strxfrm() function. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982) It was discovered that an integer overflow existed in the _IO_wstr_overflow() function of the GNU C Library. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8983) It was discovered that the fnmatch() function in the GNU C Library did not properly handle certain malformed patterns. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984) Alexander Cherepanov discovered a stack-based buffer overflow in the glob implementation of the GNU C Library. An attacker could use this to specially craft a directory layout and cause a denial of service. (CVE-2016-1234) Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2015-5180) Michael Petlan discovered an unbounded stack allocation in the getaddrinfo() function of the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-3706) Aldy Hernandez discovered an unbounded stack allocation in the sunrpc implementation in the GNU C Library. An attacker could use this to cause a denial of service. (CVE-2016-4429) Tim Ruehsen discovered that the getaddrinfo() implementation in the GNU C Library did not properly track memory allocations. An attacker could use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-5417) Andreas Schwab discovered that the GNU C Library on ARM 32-bit platforms did not properly set up execution contexts. An attacker could use this to cause a denial of service. (CVE-2016-6323) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libc6 2.23-0ubuntu7 Ubuntu 14.04 LTS: libc6 2.19-0ubuntu6.11 Ubuntu 12.04 LTS: libc6 2.15-0ubuntu10.17 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-3239-2 http://www.ubuntu.com/usn/usn-3239-1 https://bugs.launchpad.net/bugs/1674532 Package Information: https://launchpad.net/ubuntu/+source/glibc/2.23-0ubuntu7 https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.11 https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.17

Trust: 2.43

sources: NVD: CVE-2016-4429 // JVNDB: JVNDB-2016-003093 // BID: 90737 // VULMON: CVE-2016-4429 // PACKETSTORM: 149244 // PACKETSTORM: 141812 // PACKETSTORM: 149243 // PACKETSTORM: 141758 // PACKETSTORM: 141749

AFFECTED PRODUCTS

vendor:	opensuse	model:	opensuse	scope:	eq	version:	13.2	Trust: 1.8
vendor:	opensuse	model:	leap	scope:	eq	version:	42.1	Trust: 1.0
vendor:	gnu	model:	glibc	scope:	lt	version:	2.24	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	12.04	Trust: 1.0
vendor:	gnu	model:	c library	scope:	-	version:	-	Trust: 0.8
vendor:	gnu	model:	glibc	scope:	-	version:	-	Trust: 0.6
vendor:	f5	model:	big-ip afm hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3361m	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics build	scope:	eq	version:	11.5.110.104.180	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip aam build	scope:	eq	version:	11.5.40.1.256	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf2	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf7	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip apm hf4	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip afm hf6	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.1209	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf2	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller build	scope:	eq	version:	12.01.14.628	Trust: 0.3
vendor:	f5	model:	big-ip apm hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf2	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip aam hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf2	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.5	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3361	Trust: 0.3
vendor:	f5	model:	big-ip pem hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	2.13-34	Trust: 0.3
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.2	Trust: 0.3
vendor:	f5	model:	big-ip pem hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.0	Trust: 0.3
vendor:	gnu	model:	glibc	scope:	eq	version:	2.24	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3394	Trust: 0.3
vendor:	f5	model:	big-ip afm hf1	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf5	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip apm hf4	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip aam hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip aam hf4	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip afm build	scope:	eq	version:	12.01.14.628	Trust: 0.3
vendor:	f5	model:	big-ip asm hf3	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf2	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	ne	version:	3.30.7-23	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	2.16-37	Trust: 0.3
vendor:	f5	model:	big-ip psm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	ibm	model:	security virtual server protection for vmware	scope:	eq	version:	1.1.0.1	Trust: 0.3
vendor:	f5	model:	big-ip pem hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.25-57	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	2.18-43	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip afm hf5	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip afm build 685-hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf6	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.40	Trust: 0.3
vendor:	f5	model:	big-iq device hf3	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.4	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	2.11-28	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.5	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip dns build	scope:	eq	version:	12.01.14.628	Trust: 0.3
vendor:	f5	model:	big-ip afm build	scope:	eq	version:	11.5.110.104.180	Trust: 0.3
vendor:	f5	model:	big-ip pem hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3350m	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway 10.2.3-hf1	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf6	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip aam hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip afm hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip asm hf5	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.30.0-13	Trust: 0.3
vendor:	f5	model:	big-ip afm hf3	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip pem hf3	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	arx	scope:	eq	version:	6.2	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf5	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip aam build	scope:	eq	version:	11.66.204.442	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf3	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm build	scope:	eq	version:	11.5.110.104.180	Trust: 0.3
vendor:	f5	model:	big-ip aam hf2	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf5	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip apm hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	2.15-36	Trust: 0.3
vendor:	f5	model:	big-ip aam hf6	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3387m	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3379m	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-iq device	scope:	eq	version:	4.3	Trust: 0.3
vendor:	f5	model:	big-ip apm hf5	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf6	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.4.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf4	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip afm hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf3	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip aam hf3	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf3	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf4	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.1768	Trust: 0.3
vendor:	google	model:	android	scope:	eq	version:	0	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf5	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	websafe	scope:	eq	version:	1.0	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	1.0.2919	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf4	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf3	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip aam hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	mobilesafe	scope:	eq	version:	1.0	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.30.2-9	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-iq cloud hf2	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	big-ip asm build	scope:	eq	version:	11.5.40.1.256	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	12.04	Trust: 0.3
vendor:	f5	model:	big-ip apm build	scope:	eq	version:	11.5.110.104.180	Trust: 0.3
vendor:	f5	model:	big-ip aam build	scope:	eq	version:	12.01.14.628	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf1	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf1	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.3	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.29-9	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf5	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3387	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-iq cloud hf3	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf6	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf2	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3352m	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip asm hf2	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf4	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip afm hf2	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf5	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf6	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf4	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip asm hf6	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf4	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf4	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip afm hf5	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics build	scope:	eq	version:	11.5.40.1.256	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf2	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip aam build	scope:	eq	version:	11.5.110.104.180	Trust: 0.3
vendor:	f5	model:	big-ip apm hf3	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip pem hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip aam hf5	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security virtual server protection for vmware	scope:	eq	version:	1.1	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-iq centralized management	scope:	eq	version:	4.6	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf4	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm hf3	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf7	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip analytics build 685-hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf4	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip pem hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip afm hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip apm hf3	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip asm hf5	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip pem hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip dns hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf5	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	11.4.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip asm build	scope:	eq	version:	11.66.204.442	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf5	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	12.0	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3394m	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3381m	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.2	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	1.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	12.04	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-iq centralized management	scope:	eq	version:	5.0	Trust: 0.3
vendor:	f5	model:	big-ip afm hf3	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller build	scope:	eq	version:	11.5.40.1.256	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip aam hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf8	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-iq adc	scope:	eq	version:	4.5	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.1	Trust: 0.3
vendor:	f5	model:	big-ip aam hf2	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip afm hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.18-49	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf3	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.13-41	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip afm build	scope:	eq	version:	11.5.40.1.256	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip apm hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip psm hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip asm hf4	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip dns hf2	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3381	Trust: 0.3
vendor:	f5	model:	big-ip analytics build	scope:	eq	version:	11.66.204.442	Trust: 0.3
vendor:	f5	model:	big-ip aam hf4	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-iq cloud and orchestration	scope:	eq	version:	1.0	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf8	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm build	scope:	eq	version:	11.5.40.1.256	Trust: 0.3
vendor:	f5	model:	big-ip aam build 685-hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip gtm build 685-hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip asm build	scope:	eq	version:	12.01.14.628	Trust: 0.3
vendor:	f5	model:	big-ip afm hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip apm hf2	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.4	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3376	Trust: 0.3
vendor:	redhat	model:	libtirpc	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	2.18-42	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip aam hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip apm build	scope:	eq	version:	11.66.204.442	Trust: 0.3
vendor:	f5	model:	big-ip pem hf5	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.6	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.6.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip psm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip asm build 685-hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf3	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.0	Trust: 0.3
vendor:	f5	model:	big-ip psm hf8	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip pem hf2	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip dns	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip wom	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	1.0.1876	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.3	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	big-ip wom hf1	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip link controller build	scope:	eq	version:	11.66.204.442	Trust: 0.3
vendor:	f5	model:	big-ip asm hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip psm hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.2	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.30.4-12	Trust: 0.3
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	f5	model:	big-ip afm	scope:	eq	version:	11.5.2	Trust: 0.3
vendor:	f5	model:	big-ip afm hf2	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf9	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip dns hf3	scope:	eq	version:	12.0	Trust: 0.3
vendor:	f5	model:	iworkflow	scope:	eq	version:	2.0	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm hf2	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm build	scope:	eq	version:	11.5.110.104.180	Trust: 0.3
vendor:	f5	model:	big-ip gtm hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip pem	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	11.5	Trust: 0.3
vendor:	f5	model:	big-ip gtm	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics build	scope:	eq	version:	12.01.14.628	Trust: 0.3
vendor:	f5	model:	big-ip apm build	scope:	eq	version:	11.5.40.1.256	Trust: 0.3
vendor:	f5	model:	big-ip afm hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security network controller 1.0.3376m	scope:	-	version:	-	Trust: 0.3
vendor:	f5	model:	big-ip aam hf1	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-iq security	scope:	eq	version:	4.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	ibm	model:	security network controller	scope:	eq	version:	1.0.3379	Trust: 0.3
vendor:	f5	model:	big-ip ltm	scope:	eq	version:	10.2.4	Trust: 0.3
vendor:	ibm	model:	security proventia network active bypass	scope:	eq	version:	3.0	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	f5	model:	big-ip afm build	scope:	eq	version:	11.66.204.442	Trust: 0.3
vendor:	f5	model:	big-ip pem hf4	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	f5	model:	big-ip aam hf3	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-ip afm hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.5	Trust: 0.3
vendor:	f5	model:	big-ip aam hf9	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	enterprise manager	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip asm hf8	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip apm	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip link controller hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-iq security hf2	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	10.2.1	Trust: 0.3
vendor:	f5	model:	big-ip apm build 685-hf10	scope:	eq	version:	11.4.1	Trust: 0.3
vendor:	f5	model:	big-ip pem hf1	scope:	eq	version:	12.0.0	Trust: 0.3
vendor:	f5	model:	big-iq cloud	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	big-ip analytics hf10	scope:	eq	version:	11.4	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	12.1.0	Trust: 0.3
vendor:	f5	model:	big-ip aam	scope:	eq	version:	11.6.0	Trust: 0.3
vendor:	ibm	model:	security virtual server protection for vmware	scope:	eq	version:	1.1.1	Trust: 0.3
vendor:	f5	model:	big-iq device hf2	scope:	eq	version:	4.4	Trust: 0.3
vendor:	f5	model:	big-ip gtm build	scope:	eq	version:	11.66.204.442	Trust: 0.3
vendor:	f5	model:	big-ip afm hf1	scope:	eq	version:	11.5.3	Trust: 0.3
vendor:	f5	model:	big-ip asm	scope:	eq	version:	11.5.1	Trust: 0.3
vendor:	f5	model:	big-ip apm build	scope:	eq	version:	12.01.14.628	Trust: 0.3

sources: BID: 90737 // JVNDB: JVNDB-2016-003093 // CNNVD: CNNVD-201606-230 // NVD: CVE-2016-4429

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-4429
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-4429
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201606-230
value:	MEDIUM
Trust: 0.6
VULMON:	CVE-2016-4429
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-4429
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2016-4429
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

nvd@nist.gov:	CVE-2016-4429
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2016-4429
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2016-4429 // JVNDB: JVNDB-2016-003093 // CNNVD: CNNVD-201606-230 // NVD: CVE-2016-4429

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	CWE-20	Trust: 0.8

sources: JVNDB: JVNDB-2016-003093 // NVD: CVE-2016-4429

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-230

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201606-230

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-003093

PATCH

title:	openSUSE-SU-2016:1527	url:	https://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html	Trust: 0.8
title:	Bug 20112	url:	https://sourceware.org/bugzilla/show_bug.cgi?id=20112	Trust: 0.8
title:	CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call [BZ #20112]	url:	https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c	Trust: 0.8
title:	GNU C Library Fixes for stack-based buffer overflow vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62185	Trust: 0.6
title:	The Register	url:	https://www.theregister.co.uk/2017/12/05/android_december_security_bulletin/	Trust: 0.2
title:	Debian CVElist Bug Report Logs: CVE-2016-4429	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=2f5b4ce90152a3bb4f395a0901e7e132	Trust: 0.1
title:	Ubuntu Security Notice: libtirpc vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3759-1	Trust: 0.1
title:	Ubuntu Security Notice: libtirpc vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3759-2	Trust: 0.1
title:	Ubuntu Security Notice: eglibc, glibc regression	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3239-2	Trust: 0.1
title:	Ubuntu Security Notice: eglibc regression	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3239-3	Trust: 0.1
title:	Ubuntu Security Notice: eglibc, glibc vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3239-1	Trust: 0.1
title:	Android Security Bulletins: Android Security Bulletin—December 2017	url:	https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=61f816ea19e8d4351da6636b7a63eb7d	Trust: 0.1

sources: VULMON: CVE-2016-4429 // JVNDB: JVNDB-2016-003093 // CNNVD: CNNVD-201606-230

EXTERNAL IDS

db:	NVD	id:	CVE-2016-4429	Trust: 3.3
db:	BID	id:	102073	Trust: 1.7
db:	JVNDB	id:	JVNDB-2016-003093	Trust: 0.8
db:	AUSCERT	id:	ESB-2020.2223	Trust: 0.6
db:	CNNVD	id:	CNNVD-201606-230	Trust: 0.6
db:	BID	id:	90737	Trust: 0.3
db:	VULMON	id:	CVE-2016-4429	Trust: 0.1
db:	PACKETSTORM	id:	149244	Trust: 0.1
db:	PACKETSTORM	id:	141812	Trust: 0.1
db:	PACKETSTORM	id:	149243	Trust: 0.1
db:	PACKETSTORM	id:	141758	Trust: 0.1
db:	PACKETSTORM	id:	141749	Trust: 0.1

sources: VULMON: CVE-2016-4429 // BID: 90737 // JVNDB: JVNDB-2016-003093 // PACKETSTORM: 149244 // PACKETSTORM: 141812 // PACKETSTORM: 149243 // PACKETSTORM: 141758 // PACKETSTORM: 141749 // CNNVD: CNNVD-201606-230 // NVD: CVE-2016-4429

REFERENCES

url:	http://www.securityfocus.com/bid/102073	Trust: 3.0
url:	https://sourceware.org/bugzilla/show_bug.cgi?id=20112	Trust: 2.0
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21995039	Trust: 2.0
url:	https://source.android.com/security/bulletin/2017-12-01	Trust: 2.0
url:	https://usn.ubuntu.com/3759-1/	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html	Trust: 1.7
url:	https://usn.ubuntu.com/3759-2/	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2020/06/msg00027.html	Trust: 1.7
url:	https://sourceware.org/git/gitweb.cgi?p=glibc.git%3bh=bc779a1a5b3035133024b21e2f339fe4219fb11c	Trust: 1.0
url:	https://www.oracle.com//security-alerts/cpujul2021.html	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4429	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4429	Trust: 0.8
url:	https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bc779a1a5b3035133024b21e2f339fe4219fb11c	Trust: 0.7
url:	https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=8c4901802968b8c8356860ee689b1ef9cd2cbfe4	Trust: 0.6
url:	https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=11e7de77bd5ab0a7706a013598f845ad0c4a8b4c	Trust: 0.6
url:	https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=5c710156bb55b0a085da7c4142b124f3cd986d25	Trust: 0.6
url:	https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b15f0ff7351eb6b6a8f6694b4cd5ad27145bd439	Trust: 0.6
url:	https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=613f91ebcd0838c2c2bec3657e36dd57fcc6a7ea	Trust: 0.6
url:	https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=aab2cc06db7cb6c7589bef71e65b5acfa58adc33	Trust: 0.6
url:	https://source.codeaurora.org/quic/le/oe/recipes/commit/?h=lnx.le.5.3&id=6cfcc1c582a565f5360f7a3977f4a8f42d5245cd	Trust: 0.6
url:	http://code.google.com/android/	Trust: 0.6
url:	https://www.oracle.com/security-alerts/cpujul2021.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2223/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4429	Trust: 0.5
url:	http://www.gnu.org/software/libc/	Trust: 0.3
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1337136	Trust: 0.3
url:	https://support.f5.com/kb/en-us/solutions/public/k/17/sol17075474.html	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21996174	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21996177	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1234	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-3706	Trust: 0.3
url:	http://www.ubuntu.com/usn/usn-3239-1	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8982	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5417	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2016-6323	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8984	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2015-8983	Trust: 0.3
url:	https://usn.ubuntu.com/usn/usn-3759-1	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8779	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-14622	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5180	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840347	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://usn.ubuntu.com/usn/usn-3759-2	Trust: 0.1
url:	https://bugs.launchpad.net/bugs/1674776	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-3239-3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.18	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/libtirpc/0.2.5-1.2ubuntu0.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/libtirpc/0.2.5-1ubuntu0.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/libtirpc/0.2.2-5ubuntu2.1	Trust: 0.1
url:	https://bugs.launchpad.net/bugs/1674532	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.11	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.17	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/glibc/2.23-0ubuntu7	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-3239-2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.10	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/glibc/2.23-0ubuntu6	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.16	Trust: 0.1

CREDITS

The vendor reported these issues.

Trust: 0.6

sources: CNNVD: CNNVD-201606-230

SOURCES

db:	VULMON	id:	CVE-2016-4429
db:	BID	id:	90737
db:	JVNDB	id:	JVNDB-2016-003093
db:	PACKETSTORM	id:	149244
db:	PACKETSTORM	id:	141812
db:	PACKETSTORM	id:	149243
db:	PACKETSTORM	id:	141758
db:	PACKETSTORM	id:	141749
db:	CNNVD	id:	CNNVD-201606-230
db:	NVD	id:	CVE-2016-4429

LAST UPDATE DATE

2024-08-14T13:15:31.347000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2016-4429	date:	2021-07-20T00:00:00
db:	BID	id:	90737	date:	2016-05-18T00:00:00
db:	JVNDB	id:	JVNDB-2016-003093	date:	2016-06-14T00:00:00
db:	CNNVD	id:	CNNVD-201606-230	date:	2021-07-21T00:00:00
db:	NVD	id:	CVE-2016-4429	date:	2023-11-07T02:32:37.350

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2016-4429	date:	2016-06-10T00:00:00
db:	BID	id:	90737	date:	2016-05-18T00:00:00
db:	JVNDB	id:	JVNDB-2016-003093	date:	2016-06-14T00:00:00
db:	PACKETSTORM	id:	149244	date:	2018-09-05T22:46:01
db:	PACKETSTORM	id:	141812	date:	2017-03-24T15:02:31
db:	PACKETSTORM	id:	149243	date:	2018-09-05T22:45:49
db:	PACKETSTORM	id:	141758	date:	2017-03-22T14:12:01
db:	PACKETSTORM	id:	141749	date:	2017-03-21T14:50:15
db:	CNNVD	id:	CNNVD-201606-230	date:	2016-06-12T00:00:00
db:	NVD	id:	CVE-2016-4429	date:	2016-06-10T15:59:05.687