PT-2024-12891 · Extreme Networks · Extremexos

Name of the Vulnerable Software and Affected Versions: Extreme Networks ExtremeXOS aka EXOS version 30.7.1.1 Description: The issue is related to the BGP daemon in Extreme Networks ExtremeXOS, which allows an attacker to cause a denial of service BGP session reset due to BGP attribute error...

The vulnerability in the configuration of the traceoptions feature of the BGP protocol in the routing protocol rpd of Juniper Networks’ Junos OS and Junos OS Evolved allows a attacker to cause a service failure.

The vulnerability of the traceoptions configuration in the BGP protocol of the routing protocol rpd for Juniper Networks’ Junos OS and Junos OS Evolved is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause...

The vulnerability in the configuration of the traceoptions feature of the BGP protocol in the routing protocol rpd of Juniper Networks’ Junos OS and Junos OS Evolved allows a attacker to cause a service failure.

The vulnerability of the traceoptions configuration in the BGP protocol of the routing protocol rpd for Juniper Networks’ Junos OS and Junos OS Evolved is related to improper verification of consistency in input data. Exploiting this vulnerability allows a malicious actor to cause service...

CVE-2024-47499

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service DoS. In a scenario where BGP Monitoring Protocol BMP is...

Vulnerabilities fixed in Juniper JunOS and JunOS Evolved

Juniper has fixed vulnerabilities in JunOS and JunOS Evolved. A malicious party could exploit the vulnerabilities to cause a denial-of-service by sending malformed BGP traffic. Juniper has made updates available to fix the vulnerabilities. See attached references for more information...

CVE-2024-39516

An Out-of-Bounds Read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service DoS. Continued...

CVE-2024-39525

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specific BGP packet to cause rpd to crash and restart, resulting in a Denial of Service...

PT-2024-7221

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 21.4R3-S6 Junos OS versions 22.2 prior to 22.2R3-S3 Junos OS versions 22.4 prior to 22.4R3 Junos OS Evolved versions prior to 21.4R3-S7-EVO Junos OS Evolved versions 22.2 prior to 22.2R3-S4-EVO Junos OS Evolved...

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 缓冲区错误漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a suite of network operating systems dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK...

PT-2024-7149

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 21.4R3-S8 Juniper Networks Junos OS versions from 22.2 before 22.2R3-S4 Juniper Networks Junos OS versions from 22.4 before 22.4R3-S3 Juniper Networks Junos OS versions from 23.2 before 23.2R2-S1...

SUSE CVE-2017-15865

bgpd in FRRouting FRR before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes...

USN-7017-1 quagga vulnerability

Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

USN-7016-1 frr vulnerability

Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service...

CVE-2024-44070

...

Windows 11 VDA seamless app launches with fullscreen black border behind logon window

The customer uses windows 11 VDAs to provide access to a published application which has desktop operating system requirement. The initial launch of the published application showed the seamless application launch with a full screen black border behind the logon window. This is disruptive to user...

Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.

The Dutch Data Protection Authority DPA has fined Uber a record €290 million $324 million for allegedly failing to comply with European Union E.U. data protection standards when sending sensitive driver data to the U.S. "The Dutch DPA found that Uber transferred personal data of European taxi...

FRRouting 安全漏洞

FRRouting is the FRRouting open source suite of network routing software that runs on Unix-like platforms. A security vulnerability exists in FRRouting versions 10.1 and earlier, which stems from bgpattrencap in bgpd/bgpattr.c that does not check the actual remaining stream length before obtainin...

The vulnerability of the Daemon Routing Protocols (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause service interruptions.

The vulnerability of the Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient handling of exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger service failures through specially crafted BGP...

Sangoma Session Border Controller (SBC) Detection Consolidation

Consolidation of Sangoma Session Border Controller SBC detections. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc";...

Italtel i-MCS NFV 安全漏洞

Italtel i-MCS NFV is an IMS/NGN core and border suite from Italtel Italy. A security vulnerability exists in Italtel i-MCS NFV version 12.1.0-20211215, which stems from stored cross-site scripting that may occur via POST parameters...