Bug ID 469825: Enforcer may crash when trying to match signatures on body of re-constructed request

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4

Fixed In:
11.6.0, 11.5.1 HF5

Opened: Jul 01, 2014
Severity: 2-Critical

Symptoms

The BIG-IP system may temporarily fail to process traffic.

Impact

The BIG-IP system may temporarily fail to process traffic.

Conditions

1. Configure blocking bot detection with fingerprint. 2. Send a POST request without a referrer with some payload that includes a content attack signature that gets a client side challenge response.

Workaround

N/A

Fix Information

We fixed an issue where rarely the Enforcer crashed when trying to match signatures on the body of a re-constructed POST request.

Behavior Change