50 matches found
EUVD-2014-2867
Malware in sbrugna...
EUVD-2015-7654
Malware in sbrugna...
EUVD-2016-2367
Malware in sbrugna...
EUVD-2015-7656
Malware in sbrugna...
SA40107 - Response to Juniper ScreenOS security advisory JSA10713 (CVE-2015-7755 and CVE-2015-7756)
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Juniper announced a security advisory for their Netscreen Firewall ScreenOS product portfolio. The Juniper ScreenOS advisory can be found here: JSA10713 Related Links JSA10713...
Juniper ScreenOS Firewall Version Detection
Binary data 700601.prm...
Juniper ScreenOS Firewall Model Detection
Binary data 700600.prm...
Juniper ScreenOS < 6.3.0r26 Stored Cross Site Scripting Vulnerability (JSA10894)
The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r26. It is, therefore, affected by stored cross site scripting vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. C Tenable...
Juniper ScreenOS < 6.3.0r25 Etherleak Vulnerability (JSA10841)
The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r25. It is, therefore, affected by a flaw that may allow a remote attacker on the same network segment to gain access to fragments of system memory or data from previously submitted packets. Note that Nessus has not...
Juniper ScreenOS Information Disclosure Vulnerability (CNVD-2018-04211)
Juniper ScreenOS is a Juniper Networks operating system that runs in the NetScreen family of firewalls. A security vulnerability exists in Juniper ScreenOS version 6.3.0r25, which arises from the program's failure to zero-pad Ethernet packets. An attacker could exploit the vulnerability to obtain...
CVE-2018-0014
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25...
Juniper ScreenOS 6.3.x < 6.3.0r24 SSL Death Alert (JSA10808)
The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r24. It is, therefore, affected by a vulnerability in the way the TLS/SSL protocol specifies processing of ALERT packets during a connection handshake. Note that Nessus has not tested for these issues but has instea...
Juniper ScreenOS 6.3.x < 6.3.0r24 Multiple XSS (JSA10782)
The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r24. It is, therefore, affected by multiple cross-site scripting XSS vulnerabilities in the web user interface due to improper validation of user-supplied input before returning it to users. An authenticated, remote...
Juniper ScreenOS 6.3.x < 6.3.0r23 Multiple Vulnerabilities in OpenSSL (JSA10759) (DROWN)
The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r23. It is, therefore, affected by multiple vulnerabilities in its bundled version of OpenSSL : - A flaw exists in the SSLv2 implementation, specifically in the getclientmasterkey function within file s2srvr.c, due ...
Juniper ScreenOS 6.3.x < 6.3.0r22 Multiple Vulnerabilities in OpenSSL (JSA10733)
The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r22. It is, therefore, affected by multiple vulnerabilities in its bundled version of OpenSSL : - A denial of service vulnerability exists due to improper validation of the content and length of the ASN1TIME string ...
Juniper ScreenOS 6.3.x < 6.3.0r4 Firewall Private Address Information Disclosure
The version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r4. It is, therefore, affected by an information disclosure vulnerability that allows an unauthenticated, remote attacker to gain access to the private address of the firewall. Note that Nessus has not tested for th...
Juniper ScreenOS 6.3.x < 6.3.0r21 Malformed SSL/TLS Packet DoS (JSA10732)
The remote host is running a version of Juniper ScreenOS that is 6.3.x prior to 6.3.0r21. It is, therefore, affected by a denial of service vulnerability in the administrative web services that is triggered when handling malformed SSL/TLS packets. An unauthenticated, remote attacker can exploit...
CVE-2016-1268
The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service reboot via a crafted SSL packet...
CVE-2016-1268
The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service reboot via a crafted SSL packet...
Input validation
The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service reboot via a crafted SSL packet...