CVE-2014-3814

CVE-2014-3814 affects Juniper ScreenOS NetScreen Firewall devices (pre-6.3r17) with the internal DNS lookup client. A remote attacker can cause a denial of service (crash/reboot) by sending a sequence of malformed packets to the device IP, exploiting a DNS lookup handling flaw. Evidence in connec...

CVE-2014-3813

Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service crash and reboot via vectors related to a DNS lookup...

CVE-2014-3813

CVE-2014-3813 affects Juniper ScreenOS (NetScreen Firewall) versions prior to 6.3.0r17, where the built-in DNS lookup client is vulnerable. The DoS can be triggered remotely, causing the device to crash or reboot via DNS lookup vectors. Evidence sources: Tenable plugin for ScreenOS 6.3

CVE-2014-3814

The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service crash and reboot via a sequence of malformed packets to the device IP...

Unsupported ScreenOS Operating System

According to its version, the ScreenOS operating system on the remote host is obsolete and is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenable Network...

Juniper ScreenOS 5.4 < 5.4.0r28 / 6.2 < 6.2.0r18 / 6.3 < 6.3.0r16 Malformed ICMP Echo Request DoS (JSA10604)

The remote host is running a version of Juniper ScreenOS prior to 5.4.0r28 / 6.2.0r18 / 6.3.0r16. It is, therefore, affected by a denial of service vulnerability due to a failure to properly handle ICMP echo request packets. A remote, unauthenticated attacker could potentially exploit this...

Juniper ScreenOS 5.4.x < 5.4.0r12 / 6.1.x / 6.2.x < 6.2.0r2 'about.html' Information Disclosure

The remote host is running a version of Juniper ScreenOS prior to 5.4.0r12 / 6.2.0r2. It is, therefore, affected by an information disclosure vulnerability due to system information being displayed in the 'about.html' page. A remote, unauthenticated attacker could leverage this information to aid...

Juniper ScreenOS < 5.4.0r10 / 6.0 < 6.0.0r6 / 6.1 < 6.1.0r2 Web Interface and Telnet Login Pages XSS (JSA10388)

The remote host is running a version of Juniper ScreenOS prior to 5.4.0r10 / 6.0.0r6 / 6.1.0r2. It is, therefore, affected by a cross-site scripting vulnerability due to improperly sanitizing user input to the web interface and telnet login pages. An attacker could exploit this vulnerability by...

Juniper ScreenOS Device Detection

Binary data screenosversion.nbin...

Juniper ScreenOS 6.3 < 6.3.0r17 DoS

The remote host is running a version of Juniper ScreenOS 6.3 prior to 6.3.0r17. It is, therefore, affected by a denial of service vulnerability due to a failure to properly handle SSL/TLS protocol packets. A remote, unauthenticated attacker could potentially exploit this vulnerability by sending...

Juniper ScreenOS is vulnerable to a denial of service from malformed SSL packets

Overview Juniper ScreenOS 6.3, and possibly earlier versions, is vulnerable to a denial of service from malformed SSL packets. Description Juniper ScreenOS 6.3, and possibly earlier versions, is vulnerable to a denial of service from malformed SSL packets. Additional details may be found in Junip...

NetScreen ScreenOS SSL/TLS协议报文处理拒绝服务漏洞

CVE ID:CVE-2014-2842 NetScreen ScreenOS是一款用于Juniper防火墙设备上的操作系统。 NetScreen ScreenOS处理SSL/TLS协议报文存在错误，允许攻击者利用漏洞提交特殊的请求使服务程序崩溃或重启或触发故障转移。 0 NetScreen ScreenOS 6.3 目前没有详细解决方案： https://www.juniper.net...

CVE-2014-2842

Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service crash and restart or failover via a malformed SSL/TLS packet...

Input validation

Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service crash and restart or failover via a malformed SSL/TLS packet...

CVE-2014-2842

CVE-2014-2842 affects Juniper ScreenOS 6.3 and earlier. A remote unauthenticated attacker can send malformed SSL/TLS packets to trigger a denial of service, causing the firewall to crash or failover (as described across NVD, CERT/KB, and Nessus entries). The base CVSS v2 score is 7.8 (HIGH) with ...

CVE-2014-2842

Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service crash and restart or failover via a malformed SSL/TLS packet...

CVE-2013-7313

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial o...

CVE-2013-7313

CVE-2013-7313 affects the OSPF implementation in Juniper Junos (through 13.x, JunosE) and ScreenOS (through 6.3.x). The issue arises from not considering duplicate Link State ID values in Link State Advertisements (LSAs) when updating the LSA database, enabling remote attackers to cause routing d...

CVE-2013-6958

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet...

Juniper ScreenOS vulnerable to denial-of-service (DoS)

Overview ScreenOS provided by Juniper Networks contains a denial-of-service DoS vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When processing a malicious packe...