F5 patches Heartbleed-like 'Ticketbleed' bug

Server would return 31 bytes of system memory contents to clients.

F5 Networks has issued a patch for several of its products to rectify a flaw that could be used to silently and remotely read data in memory on the equipment, similar to the Heartbleed vulnerability.

Ticketbleed logo. Source: Filippo Valsorda.

The problem was found when Cloudflare cryptographer Filippo Valsorda tracked down a connection issue a customer experienced and found a bug in how an F5 load balancer handles TLS session tickets.

Session tickets are a TLS protocol feature that carry encrypted key material from a previous connection session. They allow the server to resume that session with the client immediately, instead of negotiating a new connection.

The flaw lies in a mismatch between the two ends of the connection: the server assumes it has told the client to resume using a session ticket, while the client believes the server has started a new session.

As a result of the bug, the server would send back 31 bytes of data from unallocated system memory to the client, similar in nature to the Heartbleed bug.

Valsorda said it wasn't clear what data could be exfiltrated via Ticketbleed, but said Heartbleed taught Cloudflare not to make any assumptions about the safety of uninitialised memory.

Disabling session tickets stops the vulnerability, and F5 Networks has issued a hotfix for the problem, which was assigned the CVE identifier CVE-2016-9244.

F5 Networks rates the severity as high. Ten of its products contain vulnerable software.
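The following Python simulation is an added illustration, not F5's code or anything from the article's sources. It models the handshake behaviour behind the bug as described in the public Ticketbleed analysis: when resuming from a ticket, the server must echo the client's session ID, but the flawed implementation always returned a fixed 32-byte field, so a short client ID was followed by whatever was left in that buffer. The stale buffer contents and session IDs below are constructed sample values, and the fixed version and the "tickets disabled" path show the two mitigations the article mentions.

```python
from dataclasses import dataclass
import os

SESSION_ID_MAX = 32  # TLS session_id field is at most 32 bytes


@dataclass
class ServerHello:
    session_id: bytes
    resumed: bool


def vulnerable_server_hello(client_session_id: bytes, ticket_valid: bool,
                            stale_buffer: bytes,
                            tickets_enabled: bool = True) -> ServerHello:
    """Flawed behaviour: echoes a fixed 32-byte session_id on ticket resumption."""
    if len(client_session_id) > SESSION_ID_MAX:
        raise ValueError("session_id longer than 32 bytes")
    if not tickets_enabled or not ticket_valid:
        # Fresh session: server picks its own ID, nothing is echoed.
        return ServerHello(session_id=os.urandom(SESSION_ID_MAX), resumed=False)
    # Copy the client's ID into a 32-byte buffer that still holds old data,
    # then send the whole buffer instead of just the bytes the client sent.
    buf = bytearray(stale_buffer[:SESSION_ID_MAX].ljust(SESSION_ID_MAX, b"\0"))
    buf[:len(client_session_id)] = client_session_id
    return ServerHello(session_id=bytes(buf), resumed=True)


def fixed_server_hello(client_session_id: bytes, ticket_valid: bool,
                       stale_buffer: bytes,
                       tickets_enabled: bool = True) -> ServerHello:
    """Corrected behaviour: echo exactly the session_id the client sent."""
    if len(client_session_id) > SESSION_ID_MAX:
        raise ValueError("session_id longer than 32 bytes")
    if not tickets_enabled or not ticket_valid:
        return ServerHello(session_id=os.urandom(SESSION_ID_MAX), resumed=False)
    return ServerHello(session_id=bytes(client_session_id), resumed=True)


def leaked_bytes(client_session_id: bytes, reply: ServerHello) -> bytes:
    """Defender-side check on a captured handshake: on a resumed session the
    echoed ID must equal the client's; any trailing bytes came from server memory."""
    if not reply.resumed or not reply.session_id.startswith(client_session_id):
        return b""
    return reply.session_id[len(client_session_id):]


if __name__ == "__main__":
    stale = bytes(range(32))          # constructed stand-in for leftover memory
    reply = vulnerable_server_hello(b"\x01", True, stale)
    print(len(leaked_bytes(b"\x01", reply)), "bytes leaked")   # 31
    reply = fixed_server_hello(b"\x01", True, stale)
    print(len(leaked_bytes(b"\x01", reply)), "bytes leaked")   # 0
```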

Copyright © iTnews.com.au . All rights reserved.