F5 Networks Information for VU#888801

SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension

Status

Affected

Vendor Statement

F5 Networks has released a patch for the following products and versions:

BIG-IP versions 4.2 through 4.5
3-DNS versions 4.2 through 4.5
BIG-IP Blade Controller version 4.2.3 PTF-01

Patch locations and more information can be found here:

    http://tech.f5.com/home/bigip/solutions/security/sol2379.html

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References

    None

    Addendum

    The CERT/CC has no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.