54 matches found
CVE-2024-30392 Junos OS: MX Series with SPC3 and MS-MPC/-MIC: When URL filtering is enabled and a specific URL request is received a flowd crash occurs
A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific UR...
CVE-2024-30392 Junos OS: MX Series with SPC3 and MS-MPC/-MIC: When URL filtering is enabled and a specific URL request is received a flowd crash occurs
A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific UR...
CVE-2024-30392
CVE-2024-30392 describes a Stack-based Buffer Overflow in Juniper Junos OS Flow Processing Daemon (flowd) on MX platforms with SPC3 and MS-MPC/-MIC. When URL filtering is enabled, receiving a specific URL request can crash flowd and restart the PFE, causing a sustained DoS. Affected Junos OS vers...
Juniper Networks Junos OS 安全漏洞
Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS versions prior to 21.2R3-S6, 21.3 through 21.3R3-S5, 21.4 through...
CVE-2024-21601
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the Flow-processing Daemon flowd of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. On SRX Series devices when t...
CVE-2024-21606
A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets ...
CVE-2024-21594
A Heap-based Buffer Overflow vulnerability in the Network Services Daemon NSD of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service DoS. On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which...
Heap overflow
A Heap-based Buffer Overflow vulnerability in the Network Services Daemon NSD of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service DoS. On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which...
Double free
A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets ...
CVE-2024-21606 Junos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash
A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets ...
CVE-2024-21601 Junos OS: SRX Series: Due to an error in processing TCP events flowd will crash
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the Flow-processing Daemon flowd of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. On SRX Series devices when t...
CVE-2024-21601 Junos OS: SRX Series: Due to an error in processing TCP events flowd will crash
A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the Flow-processing Daemon flowd of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. On SRX Series devices when t...
PT-2024-1128 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S5 Junos OS versions prior to 21.3R3-S5 Junos OS versions prior to 21.4R3-S4 Junos OS versions prior to 22.1R3-S3 Junos OS versions prior to 22.2R3-S1 Junos OS versions prior to 22.3R2-S2, 22.3R3 Junos OS...
Juniper Junos OS Vulnerability (JSA71645)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA71645 advisory. - An Out-of-bounds Read vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low...
CVE-2023-36838
An Out-of-bounds Read vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service DoS. If a low privileged user executes a specific CLI command, flowd which is responsible for...
PT-2023-6696 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series versions prior to 20.2R3-S7 Juniper Networks Junos OS on SRX Series version 20.3R1 and later versions Juniper Networks Junos OS on SRX Series versions prior to 20.4R3-S6 Juniper Networks Junos OS on SRX...
Vulnerabilities fixed in Juniper Junos OS
Juniper has fixed vulnerabilities in MX and SRX systems. A unauthenticated malicious party could potentially exploit them to cause a denial-of-service DoS. To this end the malicious party can send malicious network traffic to the vulnerable system. Juniper has released updates to fix the...
CVE-2023-22411
An Out-of-Bounds Write vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On SRX Series devices using Unified Policies with IPv6, when a specific IPv6 packet goes through a dynamic-applicatio...
Design/Logic Flaw
A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is...
Cross site scripting
An Out-of-Bounds Write vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On SRX Series devices using Unified Policies with IPv6, when a specific IPv6 packet goes through a dynamic-applicatio...