CVE-2016-9244
HIGH
BIG-IP Local Traffic Manager - Exposure of Sensitive Information via Session Tickets
Title source: llm
Exploitation Summary
EIP tracks 4 public exploits for CVE-2016-9244. PoCs published by @0x00string, Ege Balci, EgeBalci.
Description
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. A remote attacker may exploit this vulnerability to obtain Secure Sockets Layer (SSL) session IDs from other sessions. It is possible that other data from uninitialized memory may be returned as well.
Exploits (4)
This exploit demonstrates the Ticketbleed vulnerability (CVE-2016-9244) in F5 BIG-IP devices by leaking session IDs through malformed TLS session tickets. It uses Scapy with SSL/TLS extensions to craft and send malicious TLS handshake packets.
This exploit targets CVE-2016-9244, a memory leakage vulnerability in F5 BIG-IP SSL virtual servers. It checks for vulnerability and attempts to leak memory contents by sending crafted requests to the target.
This repository contains a functional exploit for CVE-2016-9244 (Ticketbleed), a vulnerability in F5 BIG-IP products that allows remote extraction of uninitialized memory. The tool is a modified version of Go's crypto/tls library, specifically altered to exploit the Ticketbleed flaw.
This repository contains a Minion plugin for detecting the Ticketbleed vulnerability (CVE-2016-9244) in F5 TLS implementations. It includes a Go-based scanner derived from Filippo Valsorda's work, integrated into a Minion framework for automated vulnerability assessment.
References (8)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N