Cross site scripting

Cross-site scripting XSS vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the 1 web interface login page or the 2 telnet login page...

CVE-2008-6096

Cross-site scripting XSS vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the 1 web interface login page or the 2 telnet login page...

Juniper Netscreen Firewall ScreenOS crossite scripting

Persistant crossite scripting with username stored in logs...

Layered Defense Research Advisory: Juniper Netscreen Firewall Cross-Site-Scripting (XSS) event log injection

================================================== Layered Defense Research Advisory 1 October 2008 ================================================== 1 Affected Product Juniper Netscreen Firewall ScreenOS version 5.4.0r9.0 ================================================== 2 Severity Rating: Low...

CVE-2006-2086

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

CVE-2006-2086

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

Juniper NetScreen-Security Manager Remote DoS flaw

The version of Juniper NetScreen-Security Manager NSM installed on the remote host may allow an attacker to deny service to legitimate users using specially-crafted long strings to the guiSrv and devSrv processes. A watchdog service included in Juniper NSM, though, automatically restarts the...

Juniper NetScreen Security Manager (NSM) guiSrv/devSrv Crafted String Remote DoS

The version of Juniper NetScreen-Security Manager NSM installed on the remote host may allow an attacker to deny service to legitimate users using specially crafted long strings to the guiSrv and devSrv processes. A watchdog service included in Juniper NSM, though, automatically restarts the...

Juniper NetScreen-Security Manager DoS

Malformed data to TCP/7800 or TCP/7801 port causes service to crash...

CVE-2005-2640

Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but...

[Full-disclosure] Juniper Netscreen VPN Username Enumeration Vulnerability

Juniper Netscreen VPN Username Enumeration Vulnerability 1. Overview NTA Monitor has discovered a VPN username enumeration vulnerability in the Juniper Netscreen integrated Firewall/VPN products while performing a VPN security test for a customer. The vulnerability affects remote access VPNs know...

Juniper NetScreen 5.0 - VPN 'Username' Enumeration

source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN users. With a valid username, an attacker can...