Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.JUNIPER_NSM_2012_1.NASL
HistorySep 13, 2013 - 12:00 a.m.

Juniper NSM Servers < 2012.1 Multiple Vulnerabilities

2013-09-1300:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
18
JSON

According to the version of one or more Juniper NSM servers running on the remote host, it is potentially vulnerable to multiple vulnerabilities, the worst of which may allow an authenticated user to trigger a denial of service condition or execute arbitrary code.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(69872);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id(
    "CVE-2004-0230",
    "CVE-2005-2798",
    "CVE-2006-0225",
    "CVE-2006-4924",
    "CVE-2006-5051",
    "CVE-2010-1169",
    "CVE-2010-1170",
    "CVE-2010-1447",
    "CVE-2010-3433",
    "CVE-2010-4015"
  );
  script_bugtraq_id(
    10183,
    14729,
    16369,
    20216,
    20241,
    40215,
    40305,
    43747,
    46084
  );

  script_name(english:"Juniper NSM Servers < 2012.1 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to the version of one or more Juniper NSM servers running on
the remote host, it is potentially vulnerable to multiple
vulnerabilities, the worst of which may allow an authenticated user to
trigger a denial of service condition or execute arbitrary code.");
  # https://kb.juniper.net/InfoCenter/index?page=content&legacyid=PSN-2012-08-686
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d9e06c1c");
  # https://kb.juniper.net/InfoCenter/index?page=content&legacyid=PSN-2012-08-687
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a46c4019");
  script_set_attribute(attribute:"solution", value:
"Upgrade to NSM version 2012.1.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(362, 399);

  script_set_attribute(attribute:"vuln_publication_date", value:"2005/09/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/07/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/13");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:juniper:netscreen-security_manager");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("juniper_nsm_gui_svr_detect.nasl", "juniper_nsm_servers_installed.nasl");
  script_require_keys("Juniper_NSM_VerDetected");

  exit(0);
}

include("audit.inc");
include("misc_func.inc");
include("global_settings.inc");

kb_base = "Host/NSM/";

get_kb_item_or_exit("Juniper_NSM_VerDetected");

kb_list = make_list();

temp = get_kb_list("Juniper_NSM_GuiSvr/*/build");

if (!isnull(temp) && max_index(keys(temp)) > 0)
  kb_list = make_list(kb_list, keys(temp));

temp = get_kb_list("Host/NSM/*/build");
if (!isnull(temp) && max_index(keys(temp)) > 0)
  kb_list = make_list(kb_list, keys(temp));

if (isnull(kb_list)) audit(AUDIT_NOT_INST, "Juniper NSM Servers");

report = '';

entry = branch(kb_list);

port = 0;
kb_base = '';

if ("Juniper_NSM_GuiSvr" >< entry)
{
  port = entry - "Juniper_NSM_GuiSvr/" - "/build";
  kb_base = "Juniper_NSM_GuiSvr/" + port + "/";

  report_str1 = "Remote GUI server version : ";
  report_str2 = "Fixed Version             : ";
}
else
{
  kb_base = entry - "build";
  if ("guiSvr" >< kb_base)
  {
    report_str1 = "Local GUI server version : ";
    report_str2 = "Fixed version            : ";
  }
  else
  {
    report_str1 = "Local device server version : ";
    report_str2 = "Fixed version               : ";
  }
}

build = get_kb_item_or_exit(entry);
version = get_kb_item_or_exit(kb_base + 'version');

disp_version = version + " (" + build + ")";

# fix : NSM version 2012.1 or later
item = eregmatch(pattern:"^([0-9.]+)", string:version);
if (!isnull(item))
{
  fix = '2012.1';
  if (ver_compare(ver:item[1], fix:fix, strict:FALSE) == -1)
  {
    report += '\n  ' + report_str1 + disp_version +
              '\n  ' + report_str2 + '2012.1' + '\n';
  }
}

if (report == '') audit(AUDIT_INST_VER_NOT_VULN, "Juniper NSM GUI Server or Device Server");

if (report_verbosity > 0) security_hole(extra:report, port:port);
else security_hole(port);
VendorProductVersionCPE
junipernetscreen-security_managercpe:/a:juniper:netscreen-security_manager

Related

openvas 53
fedora 10
nessus 56
ubuntucve 5
debian 8
prion 2
cve 5
seebug 1
threatpost 2
centos 3
redhat 4
osv 4
ubuntu 3
f5 5
freebsd 3
checkpoint_security 3
freebsd_advisory 2
oraclelinux 3
securityvulns 9
slackware 1
suse 1
gentoo 2
debiancve 3
cisco 2
checkpoint_advisories 2
fortinet 1
cert 2
altlinux 1
packetstorm 2
symantec 1
openvas
openvas
Fedora Update for postgresql FEDORA-2011-0963
2011-02-11 00:00:00
Fedora Update for postgresql FEDORA-2011-0963
2011-02-11 00:00:00
Fedora Update for postgresql FEDORA-2010-15954
2010-10-22 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: postgresql-8.4.7-1.fc13
2011-02-09 20:21:57
[SECURITY] Fedora 12 Update: postgresql-8.4.5-1.fc12
2010-10-19 07:19:06
[SECURITY] Fedora 14 Update: sepostgresql-9.0.1-20101007.fc14
2010-10-28 06:14:45
nessus
nessus
Fedora 13 : sepostgresql-9.0.1-20101007.fc13 (2010-16004)
2010-10-28 00:00:00
Fedora 14 : sepostgresql-9.0.1-20101007.fc14 (2010-15870)
2010-10-29 00:00:00
RHEL 2.1 : openssh (RHSA-2006:0698)
2006-09-29 00:00:00
ubuntucve
ubuntucve
CVE-2010-3433
2010-10-05 00:00:00
CVE-2010-1169
2010-05-18 00:00:00
CVE-2006-5051
2006-09-27 00:00:00
debian
debian
BSA-005 Security Update for postgresql-8.4
2010-10-10 12:48:58
BSA-005 Security Update for postgresql-8.4
2010-10-10 12:48:45
[SECURITY] [DSA 1212-1] New openssh packages fix denial of service
2006-11-15 17:26:52
prion
prion
Code injection
2010-10-06 17:00:00
Code injection
2010-05-19 18:30:00
cve
cve
CVE-2010-3433
2010-10-06 17:00:00
CVE-2010-1169
2010-05-19 18:30:00
CVE-2006-5051
2006-09-27 23:07:00
seebug
seebug
PostgreSQL PL/perl和PL/tcl存储过程绕过安全限制漏洞
2010-05-20 00:00:00
threatpost
threatpost
PostgreSQL Vulnerabilities Fixed
2010-05-17 14:36:50
FreeBSD Patches TCP Processing DoS Vulnerability
2014-09-17 12:04:05
centos
centos
openssh security update
2006-10-02 01:42:56
openssh, openssl, openssl096b security update
2006-09-29 03:31:38
postgresql84 security update
2010-05-28 10:47:00
redhat
redhat
(RHSA-2006:0698) openssh security update
2006-09-28 00:00:00
(RHSA-2006:0697) openssh security update
2006-09-28 00:00:00
(RHSA-2010:0430) Moderate: postgresql84 security update
2010-05-19 00:00:00
osv
osv
openssh
2006-11-15 00:00:00
openssh-krb5
2006-10-04 00:00:00
postgresql-8.3 - several
2010-05-24 00:00:00
ubuntu
ubuntu
openssh vulnerabilities
2006-10-02 00:00:00
PostgreSQL vulnerabilities
2010-05-21 00:00:00
PostgreSQL vulnerability
2010-10-07 00:00:00
f5
f5
SOL6736 - OpenSSH vulnerabilities CAN-2006-5051, CAN-2006-4924
2006-10-10 00:00:00
K6736 : OpenSSH vulnerabilities CAN-2006-5051, CAN-2006-4924
2013-03-27 00:00:00
SOL3126 - Large TCP window sizes may make it easier to predict sequence numbers vulnerability CVE-2004-0230
2007-05-16 00:00:00
freebsd
freebsd
openssh -- multiple vulnerabilities
2006-09-25 00:00:00
TCP denial-of-service attacks against long lived connections
1995-06-01 00:00:00
FreeBSD -- Denial of Service in TCP packet processing
2014-09-16 00:00:00
checkpoint_security
checkpoint_security
OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924
2006-11-19 22:00:00
Check Point response to OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924
2011-05-03 21:00:00
Check Point response to CVE-2004-0230
2013-06-24 21:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:22.openssh
2006-09-30 00:00:00
FreeBSD-SA-14:19.tcp
2014-09-16 00:00:00
oraclelinux
oraclelinux
Important openssh security update
2006-11-30 00:00:00
postgresql security update
2011-02-03 00:00:00
postgresql84 security update
2010-05-19 00:00:00
securityvulns
securityvulns
PostgreSQL code execution
2010-05-26 00:00:00
[USN-942-1] PostgreSQL vulnerabilities
2010-05-26 00:00:00
[security bulletin] SSRT4696 rev. 0 HP ProCurve Routing Switches TCP Denial of Service &#40;DoS&#41;
2004-05-21 00:00:00
slackware
slackware
[slackware-security] openssh
2006-09-29 07:57:38
suse
suse
remote denial of service in openssh
2006-10-20 14:30:36
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2011-10-25 00:00:00
OpenSSH: Denial of service
2006-09-27 00:00:00
debiancve
debiancve
CVE-2006-5051
2006-09-27 23:07:00
CVE-2004-0230
2004-08-18 04:00:00
CVE-2006-4924
2006-09-27 01:07:00
cisco
cisco
TCP Vulnerabilities in Multiple Non-IOS Cisco Products
2004-04-20 21:00:00
TCP Vulnerabilities in Multiple IOS-Based Cisco Products
2004-04-20 21:00:00
checkpoint_advisories
checkpoint_advisories
Spoofed Reset (CVE-2004-0230)
2019-06-23 00:00:00
OpenSSH sshd Identical Blocks Denial of Service (CVE-2006-4924)
2009-10-21 00:00:00
fortinet
fortinet
Protect
2020-05-20 00:00:00
cert
cert
The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements
2004-04-20 00:00:00
OpenSSH contains a race condition vulnerability
2006-10-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package postgresql12 version 9.0.3-alt1
2011-02-02 00:00:00
packetstorm
packetstorm
Kreset.pl
2004-04-25 00:00:00
disconn.py
2004-04-28 00:00:00
symantec
symantec
Multiple Vendor TCP Sequence Number Approximation Vulnerability
2004-04-20 00:00:00
JSON
Related for JUNIPER_NSM_2012_1.NASL
openvas53fedora10nessus56ubuntucve5debian8prion2cve5seebug1threatpost2centos3redhat4osv4ubuntu3f55freebsd3checkpoint_security3freebsd_advisory2oraclelinux3securityvulns9slackware1suse1gentoo2debiancve3cisco2checkpoint_advisories2fortinet1cert2altlinux1packetstorm2symantec1