Ticketbleed is a software vulnerability in the TLS/SSL stack of F5 BIG-IP appliances allowing a remote attacker to extract up to 31 bytes of uninitialised memory at a time.
This memory can potentially contain key material or sensitive data from other connections.
It is similar in spirit and implications to the well known Heartbleed vulnerability. It is different in that it exposes 31 bytes at a time instead of 64k, requiring more rounds to carry out an attack, and in that it affects the proprietary F5 TLS stack, not OpenSSL.
Versions to be vulnerable are BIG-IP devices running the versions:
- 12.0.0 – 12.1.2
- 11.4.0 – 11.6.1
Devices running the DNS (GTM) Module only are not vulnerable as they don’t terminate SSL traffic
The vulnerability lies in the implementation of Session Tickets, a resumption technique used to speed up repeated connections.
When a client supplies a Session ID together with a Session Ticket, the server is supposed to echo back the Session ID to signal acceptance of the ticket. Session IDs can be anywhere between 1 and 31 bytes in length.
The F5 stack always echoes back 32 bytes of memory, even if the Session ID was shorter. An attacker providing a 1-byte Session ID would then receive 31 bytes of uninitialized memory.
F5 Networks has published an article related to this, with solution ID K05121675: F5 TLS vulnerability CVE-2016-9244
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.
Security Advisory Recommended Actions
If you are running a version listed in the Versions known to be vulnerable, you can eliminate this vulnerability by upgrading TMOS.
To mitigate this vulnerability, you can disable the Session Ticket option on the affected Client SSL profile. To do so, perform the following procedure:
Impact of action: Performing the following procedure should not have a negative impact on your system.
Log in to the Configuration utility.
Navigate to Local Traffic > Profiles > SSL > Client.
For the Configuration option, select Advanced.
Clear the Session Ticket check box.