F5 Networks Information for VU#888801

SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension



Vendor Statement

F5 Networks has released a patch for the following products and versions:

BIG-IP versions 4.2 through 4.5
3-DNS versions 4.2 through 4.5
BIG-IP Blade Controller version 4.2.3 PTF-01

Patch locations and more information can be found here:


    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References



    The CERT/CC has no additional comments at this time.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.