Lucene search
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.JUNIPER_NSM_PSN_2012_08_688.NASLHistorySep 13, 2013 - 12:00 a.m.
Juniper NSM Linux Kernel TCP Sequence Number Generation Issue (PSN-2012-08-688)
2013-09-1300:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
35
According to the version of one or more Juniper NSM servers running on the remote host, it is potentially vulnerable to denial of service and network session hijacking attacks due to a weak IP sequence number generator.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(69873);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id("CVE-2011-3188");
script_bugtraq_id(49289);
script_name(english:"Juniper NSM Linux Kernel TCP Sequence Number Generation Issue (PSN-2012-08-688)");
script_set_attribute(attribute:"synopsis", value:
"The remote host has a predictable TCP sequence number generator.");
script_set_attribute(attribute:"description", value:
"According to the version of one or more Juniper NSM servers running on
the remote host, it is potentially vulnerable to denial of service and
network session hijacking attacks due to a weak IP sequence number
generator.");
# http://kb.juniper.net/InfoCenter/index?page=content&legacyid=PSN-2012-08-688
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?63abb75f");
script_set_attribute(attribute:"solution", value:
"Upgrade to NSM version 2011.4s3 / 2012.1 or higher.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2011-3188");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/11");
script_set_attribute(attribute:"patch_publication_date", value:"2012/07/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/13");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:juniper:netscreen-security_manager");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("os_fingerprint.nasl", "juniper_nsm_gui_svr_detect.nasl", "juniper_nsm_servers_installed.nasl");
script_require_keys("Juniper_NSM_VerDetected");
exit(0);
}
include("audit.inc");
include("misc_func.inc");
include("global_settings.inc");
# Linux specific vuln according to the Vendor's advisory
os = get_kb_item("Host/OS");
if (report_paranoia < 2)
{
if (!isnull(os) && 'Linux' >!< os) audit(AUDIT_HOST_NOT, 'Linux');
}
kb_base = "Host/NSM/";
get_kb_item_or_exit("Juniper_NSM_VerDetected");
kb_list = make_list();
temp = get_kb_list("Juniper_NSM_GuiSvr/*/build");
if (!isnull(temp) && max_index(keys(temp)) > 0)
kb_list = make_list(kb_list, keys(temp));
temp = get_kb_list("Host/NSM/*/build");
if (!isnull(temp) && max_index(keys(temp)) > 0)
kb_list = make_list(kb_list, keys(temp));
if (isnull(kb_list)) audit(AUDIT_NOT_INST, "Juniper NSM Servers");
report = '';
entry = branch(kb_list);
port = 0;
kb_base = '';
if ("Juniper_NSM_GuiSvr" >< entry)
{
port = entry - "Juniper_NSM_GuiSvr/" - "/build";
kb_base = "Juniper_NSM_GuiSvr/" + port + "/";
report_str1 = "Remote GUI server version : ";
report_str2 = "Fixed version : ";
}
else
{
kb_base = entry - "build";
if ("guiSvr" >< kb_base)
{
report_str1 = "Local GUI server version : ";
report_str2 = "Fixed version : ";
}
else
{
report_str1 = "Local device server version : ";
report_str2 = "Fixed version : ";
}
}
build = get_kb_item_or_exit(entry);
version = get_kb_item_or_exit(kb_base + 'version');
disp_version = version + " (" + build + ")";
# fix : NSM version 2012.1 or later
item = eregmatch(pattern:"^([0-9.]+)", string:version);
# NSM version 2011.4s3 or later (less than build (LGB16z1c17)
if (!isnull(item))
{
if (
ver_compare(ver:item[1], fix:'2011.4', strict:FALSE) == -1 ||
version =~ "^2011.4([sS][1-2])?$"
)
{
report += '\n ' + report_str1 + disp_version +
'\n ' + report_str2 + '2011.4s3 or 2012.1' + '\n';
}
}
if (report == '') audit(AUDIT_INST_VER_NOT_VULN, "Juniper NSM GUI Server or Device Server");
if (report_verbosity > 0) security_warning(extra:report, port:port);
else security_warning(port);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| juniper | netscreen-security_manager | cpe:/a:juniper:netscreen-security_manager |
Related
ibm
ibm
prion
prion
Design/Logic Flaw
2012-05-24 23:55:00
cve
cve
CVE-2011-3188
2012-05-24 23:55:00
ubuntucve
ubuntucve
CVE-2011-3188
2011-08-25 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2020-04-10 01:07:46
nessus
nessus
Linux Kernel TCP Sequence Number Generation Security Weakness
2011-09-23 00:00:00
F5 Networks BIG-IP : Linux kernel TCP ISN vulnerability (K15301)
2014-10-10 00:00:00
RHEL 5 : kernel (RHSA-2011:1419)
2013-01-24 00:00:00
f5
f5
K15301 : Linux kernel TCP ISN vulnerability CVE-2011-3188
2014-07-25 00:00:00
SOL15301 - Linux kernel TCP ISN vulnerability CVE-2011-3188
2014-06-02 00:00:00
redhat
redhat
(RHSA-2011:1419) Moderate: kernel security and bug fix update
2011-11-01 00:00:00
(RHSA-2011:1465) Important: kernel security and bug fix update
2011-11-22 00:00:00
(RHSA-2012:0010) Important: kernel-rt security and bug fix update
2012-01-10 00:00:00
securityvulns
securityvulns
Linux kernel security vulnerabilities
2011-09-13 00:00:00
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-13 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-10-20 00:00:00
Linux kernel vulnerabilities
2011-10-25 00:00:00
Linux kernel (OMAP4) vulnerabilities
2011-10-12 00:00:00
amazon
amazon
Medium: kernel
2011-10-31 18:26:00
Medium: kernel
2011-12-02 22:23:00
openvas
openvas
Ubuntu Update for linux USN-1236-1
2011-10-21 00:00:00
Amazon Linux: Security Advisory (ALAS-2011-16)
2015-09-08 00:00:00
Ubuntu: Security Advisory (USN-1236-1)
2011-10-21 00:00:00
suse
suse
Security update for Linux kernel (important)
2011-12-13 19:08:30
Security update for Linux kernel (important)
2011-12-14 08:08:27
remote denial of service in kernel
2011-12-13 17:34:50
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2011-11-25 00:00:00
kernel security and bug fix update
2011-11-22 00:00:00
kernel security, bug fix, and enhancement update
2011-10-21 00:00:00
centos
centos
kernel security update
2011-10-21 00:31:03
osv
osv
linux-2.6 - several issues
2011-09-22 00:00:00
linux-2.6 - several issues
2011-09-10 00:00:00
debian
debian
[SECURITY] [DSA 2310-1] linux-2.6 security update
2011-09-22 22:48:48
[SECURITY] [DSA 2303-1] linux-2.6 security update
2011-09-08 21:31:02
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-11 02:06:57
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.14-97.fc14
2011-10-08 17:59:55
[SECURITY] Fedora 14 Update: kernel-2.6.35.14-100.fc14
2011-10-30 00:31:24
[SECURITY] Fedora 14 Update: kernel-2.6.35.14-103.fc14
2011-11-04 20:29:13
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
Related for JUNIPER_NSM_PSN_2012_08_688.NASL