===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2012.0147
 A denial of service vulnerability has been fixed in F5 BIG-IP 11.2.1 HF1
                              26 October 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              F5 BIG-IP
Operating System:     Network Appliance
Impact/Access:        Denial of Service -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2012-4244  
Member content until: Sunday, November 25 2012
Reference:            ESB-2012.0871

OVERVIEW

        F5 BIG-IP 11.2.1 HF (Hotfix) 1 has been released. [1]


IMPACT

        HF 1 addresses a number of issues; in particular, it includes a fix
        for a BIND denial of service vulnerability. [1]
        
        As per the original ISC bulletin: "This vulnerability can be exploited
        remotely against recursive servers by inducing them to query for
        records provided by an authoritative server. It affects authoritative
        servers if a zone containing this type of resource record is loaded
        from file or provided via zone transfer." [2]


MITIGATION

        All customers should install the hotfix. [1]


REFERENCES

        [1] SOL13974: BIG-IP cumulative hotfix version 11.2.1
            http://support.f5.com/kb/en-us/solutions/public/13000/900/sol13974.html?ref=rss

        [2] ESB-2012.0871 - [Win][UNIX/Linux] BIND: Denial of service -
            Remote/unauthenticated
            https://auscert.org.au/16324

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================