Security Finder

You can use the Security Finder to search for security issues and their impact on Riverbed products. This page is continuously updated, displaying the most current public security issues first. The search box can be used to look up records by specific CVE numbers or a relevant search word, e.g. Apache, 8.5.0, Workaround. For additional search tips, refer to article S16165. Security issues listed here are categorized into three groups: fixed, workaround recommended, and not applicable.

For general security topics, security best practices and other security-related topics, try performing a general search.

BETA FEATURE: This feature is currently under development and is considered Beta Software. We are still enhancing the features and results so please exercise caution when interpreting and implementing the results. If you have any questions, please open a case with Riverbed Support. If you have feedback for this tool, please send it to supportfeedback@riverbed.com.

Riverbed Technology is committed to protecting customers against vulnerabilities in our supported products. Vulnerabilities are addressed in accordance with the software support policy: https://support.riverbed.com/content/support/about_support/end_of_life_policy.html

For search tips, read article S16165.

Title Last Modified
CVE-2014-9636: unzip out-of-bounds allows remote attackers to cause read/write/crash in test_compr_eb() in extract.c 2017-10-31
CVE-2011-1201, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871: multiple vulnerabilities in libxslt. 2017-10-31
CVE-2011-5321, CVE-2015-1593, CVE-2015-2830, CVE-2015-2922, CVE-2015-3636: multiple vulnerabilities in dracut. 2017-10-31
CVE-2012-5669: freetype has a vulnerability due to out of bounds read. 2017-10-31
CVE-2013-4288: polkit has a race condition vulnerability. 2017-10-31
CVE-2014-3634: rsyslog remote denial of service with crafted priority value. 2017-10-31
CVE-2013-4449: openldap improper reference counting vulnerability. 2017-10-31
CVE-2012-2137: Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel. 2017-10-31
CVE-2014-3688: The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue 2017-10-31
When the caching DNS server is enabled, it is vulnerable to CVE-2016-9131, CVE-2016-9147, CVE-2016-9444 denial of service attacks (assertion failure). 2017-10-31
CVE-2016-2776, CVE-2016-2848, CVE-2016-9147, CVE-2016-8864: Denial of service flaws found in BIND. 2017-10-09
CVE-2016-7431: ntpd has a remote denial of service vulnerability. CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9312 are not applicable or are a low security risk. 2017-10-09
CVE-2016-6313: A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output can predict the following 20 bytes. 2017-10-09
CVE-2016-8864: Caching DNS server, if enabled (not enabled by default), is vulnerable to denial of service attack. 2017-10-09
curl .47.1 has various vulnerabilities as described at https://curl.haxx.se/docs/security.html . 2017-10-09
CVE-2016-1285 and CVE-2016-1286 [BIND]: The BIND nameserver, used for the caching DNS feature, has vulnerabilities that can lead to a denial of service. 2017-10-09
The help documentation pages in the webUI could report a clickjack vulnerability when undergoing a Nessus scan of the appliance, even though there was no risk to the actual webUI. 2017-09-22
CVE-2015-1345: A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. 2017-09-22
CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223 coreutils: segfaults in sort and uniq 2017-09-22
CVE-2012-3955: dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash 2017-09-22
CVE-2011-2504 x11perfcomp has dot in its path 2017-09-22
CVE-2016-6321: GNU tar vulnerability 2017-09-22
CVE-2017-3731, CVE-2017-3732, CVE-2016-7055: OpenSSL vulnerabilities. 2017-09-22
CVE-2015-8126, CVE-2015-8472, CVE-2015-7981: libpng vulnerabilities. 2017-09-22
CVE-2016-1248: vim vulnerability 2017-09-22
CVE-2014-3566: SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack 2017-09-06
CVE-2015-7236: rpcbind: Use-after-free vulnerability in PMAP_CALLIT 2017-09-06
CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow 2017-09-06
August 10, 2016, Riverbed security advisory for SteelHead and SteelFusion Edge for NetShark feature 2017-08-30
OpenSSH before 7.2p2 has an X11 forwarding vulnerability CVE-2016-3115 (X11 forwarding is always off, so this vulnerability cannot be enabled on the appliances) 2017-08-29
OpenSSL vulnerabilities described in https://www.openssl.org/news/secadv/20160922.txt . Note that CVE-2016-6304 is a high DoS, CVE-2016-6305 is a moderate DoS, and the others, including CVE-2016-2183 SWEET32 are low. 2017-08-03
NTP vulnerabilities described at http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi 2017-06-01
OpenSSH before 7.3 has the following vulnerabilities, described in http://www.openssh.com/txt/release-7.3: CVE-2016-6515, CVE-2016-6210, CVE-2015-8325. 2017-06-01
CVE-2016-2776: Potential BIND denial-of-service attack. 2017-06-01
CVE-2016-0778 and CVE-2016-0777 - OpenSSH client-roaming buffer overflow vulnerability and information disclosure 2017-04-12
Management Console denial of service with malicious requests 2017-04-05
CVE-2017-5670, CVE-2017-7305, CVE-2017-7306, and CVE-2017-7307: Riverbed Security Advisory for the Secure Vault Feature 2017-04-04
CVE-2015-6563/CVE-2015-6564 - PAM vulnerabilities in the sshd daemon. 2017-03-29
CVE-2017-5638: Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload. Riverbed products are not vulnerable. 2017-03-24
CVE-2015-7547: buffer overflow in glibc getaddrinfo call for DNS lookups. 2017-03-15