The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Juniper J-Series

computer vulnerability CVE-2017-3136 CVE-2017-3137 CVE-2017-3138

ISC BIND: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of ISC BIND.
Impacted products: Debian, Fedora, HP-UX, BIND, Juniper J-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Creation date: 13/04/2017.
Identifiers: bulletinjul2018, CERTFR-2017-AVI-112, CVE-2017-3136, CVE-2017-3137, CVE-2017-3138, DLA-957-1, DSA-3854-1, FEDORA-2017-0a876b0ba5, FEDORA-2017-44e494db1e, FEDORA-2017-edce28f24b, FEDORA-2017-ee4b0f53cb, HPESBUX03747, JSA10809, JSA10810, JSA10811, JSA10813, JSA10814, JSA10816, JSA10817, JSA10818, JSA10820, JSA10821, JSA10822, JSA10825, JSA10875, openSUSE-SU-2017:1063-1, RHSA-2017:1095-01, RHSA-2017:1105-01, RHSA-2017:1582-01, RHSA-2017:1583-01, SSA:2017-103-01, SUSE-SU-2017:0998-1, SUSE-SU-2017:0999-1, SUSE-SU-2017:1027-1, USN-3259-1, VIGILANCE-VUL-22445.

Description of the vulnerability

Several vulnerabilities were announced in ISC BIND.

An attacker can force an assertion error via DNS64 break-dnssec, in order to trigger a denial of service. [severity:3/4; CVE-2017-3136]

An attacker can trigger a fatal error via CNAME Response Ordering, in order to trigger a denial of service. [severity:3/4; CVE-2017-3137]

An attacker can force an assertion error via Null Command String, in order to trigger a denial of service. [severity:2/4; CVE-2017-3138]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2009-0590 CVE-2016-1263 CVE-2016-1275

Junos: eight vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Junos.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 3/4.
Creation date: 13/07/2016.
Revision date: 12/04/2017.
Identifiers: CERTFR-2016-AVI-236, CVE-2009-0590, CVE-2016-1263, CVE-2016-1275, CVE-2016-1276, CVE-2016-1277, CVE-2016-1278, CVE-2016-1279, CVE-2016-1280, JSA10750, JSA10751, JSA10752, JSA10753, JSA10754, JSA10755, JSA10756, JSA10758, VIGILANCE-VUL-20097.

Description of the vulnerability

Several vulnerabilities were announced in Junos.

An attacker can create a memory leak via IPv6 MAC, in order to trigger a denial of service. [severity:2/4; CVE-2016-1275, JSA10750]

An attacker can trigger a fatal error via SRX, in order to trigger a denial of service. [severity:2/4; CVE-2016-1276, JSA10751]

An attacker can send a malicious ICMP packet, in order to trigger a denial of service. [severity:3/4; CVE-2016-1277, JSA10752]

An attacker can bypass security features via Partition Option, in order to escalate his privileges. [severity:2/4; CVE-2016-1278, JSA10753]

An attacker can bypass security features via J-Web, in order to escalate his privileges. [severity:3/4; CVE-2016-1279, JSA10754]

An attacker can bypass security features via Self-signed Certificate, in order to escalate his privileges. [severity:2/4; CVE-2016-1280, JSA10755]

An attacker can bypass security features via Berkeley DB, in order to obtain sensitive information. [severity:2/4; CVE-2009-0590, JSA10756]

An attacker can send a malicious UDP packet, in order to trigger a denial of service. [severity:3/4; CVE-2016-1263, JSA10758]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability announce CVE-2013-0149

OSPF: corrupting the routing database

Synthesis of the vulnerability

An attacker can spoof OSPF messages, in order to corrupt the routing database.
Impacted products: CheckPoint IP Appliance, IPSO, CheckPoint Security Gateway, Cisco ASR, ASA, Cisco Catalyst, IOS by Cisco, IOS XE Cisco, Nexus by Cisco, NX-OS, Cisco Router, ProCurve Switch, HP Switch, Juniper E-Series, Juniper J-Series, JUNOSe, Junos OS, NetScreen Firewall, ScreenOS, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Creation date: 02/08/2013.
Revisions dates: 01/08/2014, 14/02/2017.
Identifiers: BID-61566, c03880910, CERTA-2013-AVI-458, CERTA-2013-AVI-487, CERTA-2013-AVI-508, cisco-sa-20130801-lsaospf, CQ95773, CSCug34469, CSCug34485, CSCug39762, CSCug39795, CSCug63304, CVE-2013-0149, HPSBHF02912, JSA10575, JSA10580, JSA10582, PR 878639, PR 895456, sk94490, SUSE-SU-2014:0879-1, VIGILANCE-VUL-13192, VU#229804.

Description of the vulnerability

The RFC 2328 defines the OSPF protocol (Open Shortest Path First) which established IP routes, using LSA (Link State Advertisement) messages.

The LSA Type 1 Update (LSU, Link-State Update) message is used to update the routing database. However, the RFC does not request to check the "Link State ID" and "Advertising Router" fields of LSU messages. Several implementations (Cisco, Juniper, etc.) therefore do not perform this check.

An attacker can thus spoof a LSU message if he knows:
 - the IP address of the target router
 - LSA DB sequence numbers
 - the router ID of the OSPF Designated Router

An attacker can therefore spoof OSPF messages, in order to corrupt the routing database.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2017-3135

ISC BIND: assertion error via the combination DNS64+RPZ

Synthesis of the vulnerability

An attacker can force an assertion failure when functions DNS64 and RPZ of ISC BIND are both enabled, in order to trigger a denial of service.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, BIND, Juniper J-Series, Junos OS, SRX-Series, Data ONTAP, openSUSE Leap, Solaris, RHEL, Slackware, Ubuntu.
Severity: 2/4.
Creation date: 09/02/2017.
Identifiers: bulletinjul2018, CVE-2017-3135, DLA-843-1, DSA-3795-1, FEDORA-2017-27099c270a, FEDORA-2017-2b46c8b6c2, FEDORA-2017-96b7f4f53e, FEDORA-2017-d0c9bf9508, HPESBUX03747, JSA10799, K80533167, NTAP-20180926-0001, NTAP-20180926-0002, NTAP-20180926-0003, NTAP-20180926-0004, NTAP-20180926-0005, NTAP-20180927-0001, openSUSE-SU-2017:0620-1, RHSA-2017:0276-01, SSA:2017-041-01, USN-3201-1, VIGILANCE-VUL-21790.

Description of the vulnerability

The ISC BIND product is a DNS server.

It can compute responses for IPv6 address queries from data for IPv4 addresses. However, when this function is enabled and that the function "Response Policy Zone" is also enabled, an assertion may be evaluated as false, which stops the process with a SIGABORT signal.

An attacker can therefore force an assertion failure when functions DNS64 and RPZ of ISC BIND are both enabled, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2017-2303

Juniper Junos: denial of service via RIP

Synthesis of the vulnerability

An attacker can send malicious RIP packets to Juniper Junos, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Creation date: 12/01/2017.
Identifiers: CERTFR-2017-AVI-012, CVE-2017-2303, JSA10772, VIGILANCE-VUL-21559.

Description of the vulnerability

The Juniper Junos product has a service to manage received RIP packets.

However, when malicious RIP packets are received, a fatal error occurs.

An attacker can therefore send malicious RIP packets to Juniper Junos, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2017-2302

Juniper Junos: denial of service via BGP

Synthesis of the vulnerability

An attacker can send malicious BGP packets to Juniper Junos, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Creation date: 12/01/2017.
Identifiers: CERTFR-2017-AVI-012, CVE-2017-2302, JSA10771, VIGILANCE-VUL-21557.

Description of the vulnerability

The Juniper Junos product has a service to manage received BGP packets.

However, when malicious BGP packets are received, a fatal error occurs.

An attacker can therefore send malicious BGP packets to Juniper Junos, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2017-2301

Juniper Junos: denial of service via DHCPv6

Synthesis of the vulnerability

An attacker can send malicious DHCPv6 packets to Juniper Junos, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Creation date: 12/01/2017.
Identifiers: CVE-2017-2301, JSA10769, VIGILANCE-VUL-21554.

Description of the vulnerability

The Juniper Junos product has a service to manage received DHCPv6 packets.

However, when malicious DHCPv6 packets are received, a fatal error occurs.

An attacker can therefore send malicious DHCPv6 packets to Juniper Junos, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability announce CVE-2016-9131 CVE-2016-9147 CVE-2016-9444

ISC BIND: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of ISC BIND.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, AIX, BIND, Juniper J-Series, Junos OS, SRX-Series, Data ONTAP, openSUSE, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Creation date: 12/01/2017.
Identifiers: bulletinjan2017, c05381687, CERTFR-2017-AVI-013, CERTFR-2017-AVI-111, CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2016-9778, DLA-805-1, DSA-3758-1, FEDORA-2017-59ca54c94e, FEDORA-2017-87992a0557, FEDORA-2017-8f23f564ad, FEDORA-2017-f44f2f5a48, HPESBUX03699, JSA10785, K02138183, NTAP-20180926-0001, NTAP-20180926-0002, NTAP-20180926-0003, NTAP-20180926-0004, NTAP-20180926-0005, NTAP-20180927-0001, openSUSE-SU-2017:0182-1, openSUSE-SU-2017:0193-1, RHSA-2017:0062-01, RHSA-2017:0063-01, RHSA-2017:0064-01, RHSA-2017:1583-01, SSA:2017-011-01, SSRT110304, SUSE-SU-2017:0111-1, SUSE-SU-2017:0112-1, SUSE-SU-2017:0113-1, USN-3172-1, VIGILANCE-VUL-21552.

Description of the vulnerability

Several vulnerabilities were announced in ISC BIND.

An attacker can force an assertion error via ANY Response, in order to trigger a denial of service. [severity:2/4; CVE-2016-9131]

An attacker can force an assertion error via DNSSEC Information Response, in order to trigger a denial of service. [severity:2/4; CVE-2016-9147]

An attacker can force an assertion error via DS Record Response, in order to trigger a denial of service. [severity:2/4; CVE-2016-9444]

An attacker can force an assertion error via nxdomain-redirect, in order to trigger a denial of service. [severity:2/4; CVE-2016-9778]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2016-7426 CVE-2016-7427 CVE-2016-7428

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Impacted products: Blue Coat CAS, Cisco ASR, Cisco Catalyst, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Nexus by Cisco, NX-OS, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Unified CCX, Cisco MeetingPlace, Cisco Unity ~ precise, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP Switch, HP-UX, AIX, Security Directory Server, Juniper J-Series, Junos OS, Junos Space, Meinberg NTP Server, Data ONTAP, NTP.org, openSUSE Leap, Solaris, pfSense, RHEL, Slackware, Spectracom SecureSync, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Severity: 2/4.
Creation date: 21/11/2016.
Identifiers: 2009389, bulletinoct2016, CERTFR-2017-AVI-090, cisco-sa-20161123-ntpd, CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9311, CVE-2016-9312, FEDORA-2016-7209ab4e02, FEDORA-2016-c198d15316, FEDORA-2016-e8a8561ee7, FreeBSD-SA-16:39.ntp, HPESBHF03883, HPESBUX03706, HPESBUX03885, JSA10776, JSA10796, K51444934, K55405388, K87922456, MBGSA-1605, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2016:3280-1, pfSense-SA-17_03.webgui, RHSA-2017:0252-01, SA139, SSA:2016-326-01, TALOS-2016-0130, TALOS-2016-0131, TALOS-2016-0203, TALOS-2016-0204, USN-3349-1, VIGILANCE-VUL-21170, VU#633847.

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can force an assertion error, in order to trigger a denial of service. [severity:2/4; CVE-2016-9311, TALOS-2016-0204]

An attacker can bypass security features via Mode 6, in order to obtain sensitive information. [severity:2/4; CVE-2016-9310, TALOS-2016-0203]

An attacker can trigger a fatal error via Broadcast Mode Replay, in order to trigger a denial of service. [severity:2/4; CVE-2016-7427, TALOS-2016-0131]

An attacker can trigger a fatal error via Broadcast Mode Poll Interval, in order to trigger a denial of service. [severity:2/4; CVE-2016-7428, TALOS-2016-0130]

An attacker can send malicious UDP packets, in order to trigger a denial of service on Windows. [severity:2/4; CVE-2016-9312]

An unknown vulnerability was announced via Zero Origin Timestamp. [severity:2/4; CVE-2016-7431]

An attacker can force a NULL pointer to be dereferenced via _IO_str_init_static_internal(), in order to trigger a denial of service. [severity:2/4; CVE-2016-7434]

An unknown vulnerability was announced via Interface selection. [severity:2/4; CVE-2016-7429]

An attacker can trigger a fatal error via Client Rate Limiting, in order to trigger a denial of service. [severity:2/4; CVE-2016-7426]

An unknown vulnerability was announced via Reboot Sync. [severity:2/4; CVE-2016-7433]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2016-8864

ISC BIND: assertion error via DNAME

Synthesis of the vulnerability

An attacker can force an assertion error via DNAME of ISC BIND, in order to trigger a denial of service.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, BIND, Juniper J-Series, Junos OS, SRX-Series, Data ONTAP, openSUSE, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Creation date: 02/11/2016.
Identifiers: bulletinjul2018, bulletinoct2016, c05381687, CERTFR-2017-AVI-111, CVE-2016-8864, DLA-696-1, DSA-3703-1, FEDORA-2016-605fd98c32, FEDORA-2016-8e39076950, FEDORA-2016-9417b4c1dc, FEDORA-2016-e38196b52a, FreeBSD-SA-16:34.bind, HPESBUX03699, JSA10785, K35322517, NTAP-20180926-0001, NTAP-20180926-0002, NTAP-20180926-0003, NTAP-20180926-0004, NTAP-20180926-0005, NTAP-20180927-0001, openSUSE-SU-2016:2738-1, openSUSE-SU-2016:2739-1, RHSA-2016:2141-01, RHSA-2016:2142-01, RHSA-2016:2615-01, RHSA-2016:2871-01, RHSA-2017:1583-01, SOL35322517, SSA:2016-308-02, SSRT110304, SUSE-SU-2016:2696-1, SUSE-SU-2016:2697-1, SUSE-SU-2016:2706-1, VIGILANCE-VUL-20991.

Description of the vulnerability

The ISC BIND product can be configured in recursive mode.

However, if a DNS reply contains a special DNAME entry, an assertion error occurs because developers did not except this case, which stops the process.

An attacker can therefore force an assertion error via DNAME of ISC BIND, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Juniper J-Series: