F5 Multiple Products Tomcat Chunked Request Handling Vulnerability


Description   F5 has acknowledged a vulnerability in the Apache Tomcat component shipped with multiple F5 products. Tomcat's handling of malformed chunked transfer coding (CVE-2014-0227) did not stop reading after an error, so a remote attacker streaming a crafted chunked request body can conduct HTTP request smuggling against the management interface or cause a denial of service through resource consumption; the net effect is a bypass of security restrictions that a correctly parsed request would enforce.
For more information:
SA62768
The vulnerability is reported in the following products and versions:
* BIG-IP LTM, APM, ASM, and GTM versions 11.0.0 through 11.6.0 and 10.0.0 through 10.2.4
* BIG-IP AAM versions 11.4.0 through 11.6.0
* BIG-IP AFM and PEM versions 11.3.0 through 11.6.0
* BIG-IP Analytics versions 11.0.0 through 11.6.0
* BIG-IP Edge Gateway, WebAccelerator, and WOM versions 11.0.0 through 11.3.0 and 10.0.0 through 10.2.4
* BIG-IP Link Controller versions 11.0.0 through 11.6.0 and 10.0.0 through 10.2.4
* BIG-IP PSM versions 11.0.0 through 11.4.1 and 10.0.0 through 10.2.4
* Enterprise Manager versions 3.0.0 through 3.1.1 and 2.1.0 through 2.3.0
* BIG-IQ Cloud, Device, and Security versions 4.0.0 through 4.5.0
* BIG-IQ ADC version 4.5.0
* Traffix SDC versions 4.0.0 through 4.1.0 and 3.3.2 through 3.5.1
     
Vulnerable Products   Vulnerable OS:
* BIG-IP Application Security Manager 10.x
* BIG-IP Application Security Manager 11.x
* BIG-IP Global Traffic Manager 10.x
* BIG-IP Global Traffic Manager 11.x
* F5 BIG-IP Access Policy Manager 10.x
* F5 BIG-IP Access Policy Manager 11.x
* F5 BIG-IP Advanced Firewall Manager 11.x
* F5 BIG-IP Analytics (AVR) 11.x
* F5 BIG-IP Application Acceleration Manager 11.x
* F5 BIG-IP Link Controller 11.x
* F5 BIG-IP Policy Enforcement Manager 11.x
* F5 Enterprise Manager 2.x
* F5 Enterprise Manager 3.x
* F5 TMOS 10.x
* F5 TMOS 11.x
Vulnerable Software:
* BIG-IP Local Traffic Manager 10.x
* BIG-IP Local Traffic Manager 11.x
* F5 BIG-IQ Cloud 4.x
* F5 BIG-IQ Device 4.x
* F5 BIG-IQ Security 4.x
     
Solution   No official solution is currently available.
     
CVE   CVE-2014-0227
     
References   https://support.f5.com/kb/en-us/solutions/public/16000/300/sol16344.html
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm                                                                              Available since
HTTP Request Smuggling : HTTP command found in header                                         3.2.0
HTTP Request Smuggling : Content-Length and Transfer-Encoding: chunked fields in header       3.2.0
HTTP Request Smuggling : suspicious syntax using HTTP keyword                                 3.2.0
HTTP Request Smuggling : multiple Content-Length fields                                       3.2.0
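The alarms above all look for the header patterns that make a chunked-body desync possible, while the Tomcat bug itself was in the body decoder. The following is an added example, written for this page and not code from F5, Apache Tomcat or the ASQ engine: a strict chunked-body decoder that refuses to continue after a malformed chunk (the behaviour CVE-2014-0227 lacked), plus a header check that reproduces three of the listed alarms with simple heuristics of my own. The alarm strings are reused only as labels, the "Malformed chunked transfer coding" finding is a name I chose, the 8-hex-digit chunk-size cap is my own choice, and the sample requests are constructed, not captured traffic.

```python
"""Strict chunked-body decoding plus request-smuggling header checks.

Added, illustrative example: not F5, Apache Tomcat or Stormshield code. The
three alarm names reused from the page's IPS table are matched by simple
heuristics of my own; the chunked-body finding uses a name I chose.
"""
import re

HTTP_METHODS = (b"GET", b"POST", b"PUT", b"DELETE", b"HEAD", b"OPTIONS", b"PATCH")
CHUNK_SIZE_RE = re.compile(rb"[0-9A-Fa-f]{1,8}")  # 8 hex digits max is my own sanity cap


class ChunkedError(ValueError):
    """Malformed chunked transfer coding; the connection must be closed, not reused."""


def decode_chunked(body: bytes) -> bytes:
    """Decode a Transfer-Encoding: chunked body or raise ChunkedError.

    Every chunk-size line must be valid hex (optionally followed by
    ';extension'), every chunk must end with CRLF, and nothing may follow the
    last-chunk's terminating empty line. Raising on the first error instead of
    continuing to read is the point: CVE-2014-0227 was a decoder that kept
    going after a malformed chunk, so leftover bytes could be parsed as a
    second request.
    """
    out = bytearray()
    pos = 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol == -1:
            raise ChunkedError("chunk-size line not terminated by CRLF")
        size_token = body[pos:eol].split(b";", 1)[0]
        if not CHUNK_SIZE_RE.fullmatch(size_token):
            raise ChunkedError("invalid chunk-size %r" % size_token)
        size = int(size_token, 16)
        pos = eol + 2
        if size == 0:
            # last-chunk: optional trailer fields, then an empty line, then nothing
            end = body.find(b"\r\n\r\n", pos - 2)
            if end == -1:
                raise ChunkedError("missing empty line after last-chunk")
            if body[end + 4:]:
                raise ChunkedError("%d bytes after end of chunked body" % len(body[end + 4:]))
            return bytes(out)
        # A short slice here means the chunk data is truncated or not CRLF-terminated
        if body[pos + size:pos + size + 2] != b"\r\n":
            raise ChunkedError("chunk data truncated or not CRLF-terminated")
        out += body[pos:pos + size]
        pos += size + 2


def _looks_like_request_line(s: bytes) -> bool:
    parts = s.split()
    return len(parts) >= 2 and parts[0].upper() in HTTP_METHODS and parts[1].startswith(b"/")


def smuggling_alarms(raw: bytes) -> list:
    """Return the findings a request-smuggling check would raise for one raw request."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("request has no end-of-headers CRLFCRLF")
    headers = []
    for line in head.split(b"\r\n")[1:]:  # skip the request line itself
        name, _, value = line.partition(b":")
        headers.append((name.strip(), value.strip()))
    content_length = [v for n, v in headers if n.lower() == b"content-length"]
    chunked = any(n.lower() == b"transfer-encoding" and b"chunked" in v.lower() for n, v in headers)
    findings = []
    if len(content_length) > 1:
        findings.append("HTTP Request Smuggling : multiple Content-Length fields")
    if content_length and chunked:
        findings.append("HTTP Request Smuggling : Content-Length and Transfer-Encoding: chunked fields in header")
    # A request line hiding in a header value, or a colon-less header line that
    # is itself a request line, suggests a second request folded into the headers.
    if any(_looks_like_request_line(v) or (not v and _looks_like_request_line(n)) for n, v in headers):
        findings.append("HTTP Request Smuggling : HTTP command found in header")
    if chunked:
        try:
            decode_chunked(body)
        except ChunkedError as exc:
            findings.append("Malformed chunked transfer coding: %s" % exc)
    return findings


# Constructed sample requests (not captured traffic).
CLEAN = (b"POST / HTTP/1.1\r\nHost: example.test\r\nTransfer-Encoding: chunked\r\n\r\n"
         b"5\r\nhello\r\n6;ext=1\r\n world\r\n0\r\n\r\n")
# CL.TE desync: a front end honouring Content-Length forwards all 48 body bytes; a
# lenient chunked decoder stops at the zero chunk and leaves a second request behind.
SMUGGLED = (b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 48\r\n"
            b"Transfer-Encoding: chunked\r\n\r\n"
            b"0\r\n\r\nGET /admin HTTP/1.1\r\nHost: example.test\r\n\r\n")
BAD_CHUNK = (b"POST / HTTP/1.1\r\nHost: example.test\r\nTransfer-Encoding: chunked\r\n\r\n"
             b"zz\r\nhello\r\n0\r\n\r\n")
DOUBLE_CL = (b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n"
             b"Content-Length: 50\r\nX-Note: GET /admin HTTP/1.1\r\n\r\nhello")

if __name__ == "__main__":
    for label, req in [("clean", CLEAN), ("cl.te", SMUGGLED), ("bad chunk", BAD_CHUNK), ("double cl", DOUBLE_CL)]:
        print(label, smuggling_alarms(req))
```

The design point is in decode_chunked: once a chunk-size fails to parse or data follows the last-chunk, the only safe outcome is an error that closes the connection, because any bytes left in the stream are exactly what a smuggled second request is made of. A sensor that only inspects headers, as the alarms above do, will not see a malformed body on a request that carries Transfer-Encoding alone, which is why the body check is worth running as well.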
     
Risk level   Low
     
Vulnerability First Public Report Date   2015-04-14
     
Target Type   Server
     
Possible exploit   Remote