| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Juniper Junos OS
curl: three vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of curl.
Impacted products: Mac OS X, curl, Debian, Fedora, Android OS, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, Slackware, Ubuntu, WindRiver Linux, VxWorks.
Severity: 3/4.
Creation date: 09/08/2017.
Identifiers: 2011879, bulletinapr2018, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, DLA-1062-1, DSA-3992-1, FEDORA-2017-f1ffd18079, FEDORA-2017-f2df9d7772, HT208221, JSA10874, K-511316, openSUSE-SU-2017:2205-1, SSA:2017-221-01, USN-3441-1, USN-3441-2, VIGILANCE-VUL-23481.
Description of the vulnerability
Several vulnerabilities were announced in curl.
An attacker can force a read at an invalid address via Globbing, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-1000101]
An attacker can generate a buffer overflow via TFTP, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2017-1000100]
An attacker can force a read at an invalid address via FILE, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-1000099]
Complete Vigil@nce bulletin.... (Free trial) |
ISC BIND: two vulnerabilities via TSIG Authentication
Synthesis of the vulnerability
An attacker can use several vulnerabilities via TSIG Authentication of ISC BIND.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, AIX, BIND, Junos OS, SRX-Series, NetBSD, openSUSE Leap, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Creation date: 30/06/2017.
Revision date: 07/07/2017.
Identifiers: AA-01503, AA-01504, bulletinjan2018, CERTFR-2017-AVI-199, CVE-2017-3142, CVE-2017-3143, DLA-1025-1, DLA-1025-2, DSA-3904-1, DSA-3904-2, FEDORA-2017-001f135337, FEDORA-2017-167cfa7b09, FEDORA-2017-59127a606c, FEDORA-2017-d04f7ddd73, HPESBUX03772, JSA10875, K02230327, K59448931, openSUSE-SU-2017:1809-1, RHSA-2017:1679-01, RHSA-2017:1680-01, SSA:2017-180-02, SUSE-SU-2017:1736-1, SUSE-SU-2017:1737-1, SUSE-SU-2017:1738-1, USN-3346-1, USN-3346-2, USN-3346-3, VIGILANCE-VUL-23107.
Description of the vulnerability
Several vulnerabilities were announced in ISC BIND.
An attacker can use a Zone Transfer, in order to obtain sensitive information. [severity:2/4; AA-01504, CVE-2017-3142]
An attacker can use a Dynamic Update, in order to alter a zone. [severity:3/4; AA-01503, CERTFR-2017-AVI-199, CVE-2017-3143]
Complete Vigil@nce bulletin.... (Free trial) |
curl on MS-Windows: buffer overflow via an URL of scheme file
Synthesis of the vulnerability
An attacker can generate a buffer overflow via an URL of scheme file in curl, in order to trigger a denial of service, and possibly to run code.
Impacted products: curl, Juniper EX-Series, Junos OS, SRX-Series.
Severity: 1/4.
Creation date: 14/06/2017.
Identifiers: CVE-2017-9502, JSA10874, VIGILANCE-VUL-22977.
Description of the vulnerability
An attacker can generate a buffer overflow via an URL of scheme file in curl, in order to trigger a denial of service, and possibly to run code.
A detailed analysis was not performed for this bulletin.
Complete Vigil@nce bulletin.... (Free trial) |
ISC BIND: three vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of ISC BIND.
Impacted products: Debian, Fedora, HP-UX, BIND, Juniper J-Series, Junos OS, SRX-Series, openSUSE Leap, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Creation date: 13/04/2017.
Identifiers: CERTFR-2017-AVI-112, CVE-2017-3136, CVE-2017-3137, CVE-2017-3138, DLA-957-1, DSA-3854-1, FEDORA-2017-0a876b0ba5, FEDORA-2017-44e494db1e, FEDORA-2017-edce28f24b, FEDORA-2017-ee4b0f53cb, HPESBUX03747, JSA10809, JSA10810, JSA10811, JSA10813, JSA10814, JSA10816, JSA10817, JSA10818, JSA10820, JSA10821, JSA10822, JSA10825, JSA10875, openSUSE-SU-2017:1063-1, RHSA-2017:1095-01, RHSA-2017:1105-01, RHSA-2017:1582-01, RHSA-2017:1583-01, SSA:2017-103-01, SUSE-SU-2017:0998-1, SUSE-SU-2017:0999-1, SUSE-SU-2017:1027-1, USN-3259-1, VIGILANCE-VUL-22445.
Description of the vulnerability
Several vulnerabilities were announced in ISC BIND.
An attacker can force an assertion error via DNS64 break-dnssec, in order to trigger a denial of service. [severity:3/4; CVE-2017-3136]
An attacker can trigger a fatal error via CNAME Response Ordering, in order to trigger a denial of service. [severity:3/4; CVE-2017-3137]
An attacker can force an assertion error via Null Command String, in order to trigger a denial of service. [severity:2/4; CVE-2017-3138]
Complete Vigil@nce bulletin.... (Free trial) |
Junos: eight vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Junos.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 3/4.
Creation date: 13/07/2016.
Revision date: 12/04/2017.
Identifiers: CERTFR-2016-AVI-236, CVE-2009-0590, CVE-2016-1263, CVE-2016-1275, CVE-2016-1276, CVE-2016-1277, CVE-2016-1278, CVE-2016-1279, CVE-2016-1280, JSA10750, JSA10751, JSA10752, JSA10753, JSA10754, JSA10755, JSA10756, JSA10758, VIGILANCE-VUL-20097.
Description of the vulnerability
Several vulnerabilities were announced in Junos.
An attacker can create a memory leak via IPv6 MAC, in order to trigger a denial of service. [severity:2/4; CVE-2016-1275, JSA10750]
An attacker can trigger a fatal error via SRX, in order to trigger a denial of service. [severity:2/4; CVE-2016-1276, JSA10751]
An attacker can send a malicious ICMP packet, in order to trigger a denial of service. [severity:3/4; CVE-2016-1277, JSA10752]
An attacker can bypass security features via Partition Option, in order to escalate his privileges. [severity:2/4; CVE-2016-1278, JSA10753]
An attacker can bypass security features via J-Web, in order to escalate his privileges. [severity:3/4; CVE-2016-1279, JSA10754]
An attacker can bypass security features via Self-signed Certificate, in order to escalate his privileges. [severity:2/4; CVE-2016-1280, JSA10755]
An attacker can bypass security features via Berkeley DB, in order to obtain sensitive information. [severity:2/4; CVE-2009-0590, JSA10756]
An attacker can send a malicious UDP packet, in order to trigger a denial of service. [severity:3/4; CVE-2016-1263, JSA10758]
Complete Vigil@nce bulletin.... (Free trial) |
OSPF: corrupting the routing database
Synthesis of the vulnerability
An attacker can spoof OSPF messages, in order to corrupt the routing database.
Impacted products: CheckPoint IP Appliance, IPSO, CheckPoint Security Gateway, Cisco ASR, ASA, Cisco Catalyst, IOS by Cisco, IOS XE Cisco, Nexus by Cisco, NX-OS, Cisco Router, ProCurve Switch, HP Switch, Juniper E-Series, Juniper J-Series, JUNOSe, Junos OS, NetScreen Firewall, ScreenOS, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Creation date: 02/08/2013.
Revisions dates: 01/08/2014, 14/02/2017.
Identifiers: BID-61566, c03880910, CERTA-2013-AVI-458, CERTA-2013-AVI-487, CERTA-2013-AVI-508, cisco-sa-20130801-lsaospf, CQ95773, CSCug34469, CSCug34485, CSCug39762, CSCug39795, CSCug63304, CVE-2013-0149, HPSBHF02912, JSA10575, JSA10580, JSA10582, PR 878639, PR 895456, sk94490, SUSE-SU-2014:0879-1, VIGILANCE-VUL-13192, VU#229804.
Description of the vulnerability
The RFC 2328 defines the OSPF protocol (Open Shortest Path First) which established IP routes, using LSA (Link State Advertisement) messages.
The LSA Type 1 Update (LSU, Link-State Update) message is used to update the routing database. However, the RFC does not request to check the "Link State ID" and "Advertising Router" fields of LSU messages. Several implementations (Cisco, Juniper, etc.) therefore do not perform this check.
An attacker can thus spoof a LSU message if he knows:
- the IP address of the target router
- LSA DB sequence numbers
- the router ID of the OSPF Designated Router
An attacker can therefore spoof OSPF messages, in order to corrupt the routing database.
Complete Vigil@nce bulletin.... (Free trial) |
ISC BIND: assertion error via the combination DNS64+RPZ
Synthesis of the vulnerability
An attacker can force an assertion failure when functions DNS64 and RPZ of ISC BIND are both enabled, in order to trigger a denial of service.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, BIND, Juniper J-Series, Junos OS, SRX-Series, openSUSE Leap, RHEL, Slackware, Ubuntu.
Severity: 2/4.
Creation date: 09/02/2017.
Identifiers: CVE-2017-3135, DLA-843-1, DSA-3795-1, FEDORA-2017-27099c270a, FEDORA-2017-2b46c8b6c2, FEDORA-2017-96b7f4f53e, FEDORA-2017-d0c9bf9508, HPESBUX03747, JSA10799, K80533167, openSUSE-SU-2017:0620-1, RHSA-2017:0276-01, SSA:2017-041-01, USN-3201-1, VIGILANCE-VUL-21790.
Description of the vulnerability
The ISC BIND product is a DNS server.
It can compute responses for IPv6 address queries from data for IPv4 addresses. However, when this function is enabled and that the function "Response Policy Zone" is also enabled, an assertion may be evaluated as false, which stops the process with a SIGABORT signal.
An attacker can therefore force an assertion failure when functions DNS64 and RPZ of ISC BIND are both enabled, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial) |
OpenSSL: multiple vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of OpenSSL.
Impacted products: Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Brocade vTM, Cisco ASR, Cisco ATA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Router, Cisco CUCM, Cisco Manager Attendant Console, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, Debian, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiOS, FreeBSD, hMailServer, AIX, IRAD, Rational ClearCase, Security Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere MQ, Copssh, Junos OS, Juniper Network Connect, NSM Central Manager, NSMXpress, SRX-Series, MariaDB ~ precise, ePO, Meinberg NTP Server, MySQL Community, MySQL Enterprise, Data ONTAP, OpenSSL, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Solaris, Tuxedo, VirtualBox, WebLogic, Oracle Web Tier, Palo Alto Firewall PA***, PAN-OS, Percona Server, XtraDB Cluster, pfSense, Pulse Connect Secure, Pulse Secure Client, RHEL, Slackware, stunnel, SUSE Linux Enterprise Desktop, SLES, Nessus, TrendMicro ServerProtect, Ubuntu, VxWorks.
Severity: 2/4.
Creation date: 26/01/2017.
Identifiers: 1117414, 2000544, 2000988, 2000990, 2002331, 2004036, 2004940, 2009389, 2010154, 2011567, 2012827, 2014202, 2014651, 2014669, 2015080, BSA-2016-204, BSA-2016-207, BSA-2016-211, BSA-2016-212, BSA-2016-213, BSA-2016-216, BSA-2016-234, bulletinapr2017, bulletinjan2018, bulletinoct2017, CERTFR-2017-AVI-035, CERTFR-2018-AVI-343, cisco-sa-20170130-openssl, cpuapr2017, cpujan2018, cpujul2017, cpujul2018, cpuoct2017, CVE-2016-7055, CVE-2017-3730, CVE-2017-3731, CVE-2017-3732, DLA-814-1, DSA-3773-1, FEDORA-2017-3451dbec48, FEDORA-2017-e853b4144f, FG-IR-17-019, FreeBSD-SA-17:02.openssl, JSA10775, K37526132, K43570545, K44512851, K-510805, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0481-1, openSUSE-SU-2017:0487-1, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2017:2011-1, openSUSE-SU-2017:2868-1, openSUSE-SU-2018:0458-1, PAN-70674, PAN-73914, PAN-SA-2017-0012, PAN-SA-2017-0014, PAN-SA-2017-0016, RHSA-2017:0286-01, SA141, SA40423, SB10188, SSA:2017-041-02, SUSE-SU-2018:0112-1, TNS-2017-03, USN-3181-1, VIGILANCE-VUL-21692.
Description of the vulnerability
Several vulnerabilities were announced in OpenSSL.
An attacker can force a read at an invalid address via Truncated Packet, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2017-3731]
An attacker can force a NULL pointer to be dereferenced via DHE/ECDHE Parameters, in order to trigger a denial of service. [severity:2/4; CVE-2017-3730]
An attacker can use a carry propagation error via BN_mod_exp(), in order to compute the private key. [severity:1/4; CVE-2017-3732]
An error occurs in the Broadwell-specific Montgomery Multiplication Procedure, but with no apparent impact. [severity:1/4; CVE-2016-7055]
Complete Vigil@nce bulletin.... (Free trial) |
Juniper Junos: denial of service via RIP
Synthesis of the vulnerability
An attacker can send malicious RIP packets to Juniper Junos, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Creation date: 12/01/2017.
Identifiers: CERTFR-2017-AVI-012, CVE-2017-2303, JSA10772, VIGILANCE-VUL-21559.
Description of the vulnerability
The Juniper Junos product has a service to manage received RIP packets.
However, when malicious RIP packets are received, a fatal error occurs.
An attacker can therefore send malicious RIP packets to Juniper Junos, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial) |
Juniper Junos: denial of service via BGP
Synthesis of the vulnerability
An attacker can send malicious BGP packets to Juniper Junos, in order to trigger a denial of service.
Impacted products: Juniper J-Series, Junos OS, SRX-Series.
Severity: 2/4.
Creation date: 12/01/2017.
Identifiers: CERTFR-2017-AVI-012, CVE-2017-2302, JSA10771, VIGILANCE-VUL-21557.
Description of the vulnerability
The Juniper Junos product has a service to manage received BGP packets.
However, when malicious BGP packets are received, a fatal error occurs.
An attacker can therefore send malicious BGP packets to Juniper Junos, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about Juniper Junos OS:
|