Input validation

An Improper Input Validation vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS. If a BGP update message is received over an established BGP session, and that message...

CVE-2018-0015 AppFormix: Debug Shell Command Execution in AppFormix Agent

A malicious user with unrestricted access to the AppFormix application management platform may be able to access a Python debug console and execute system commands with root privilege. The AppFormix Agent exposes the debug console on a host where AppFormix Agent is executing. If the host is...

CVE-2018-0015

CVE-2018-0015 affects Juniper AppFormix: the AppFormix Agent exposes a Python debug console on the host where the agent runs, allowing a user with unrestricted access to execute commands with root privileges. Affected releases include all versions up to 2.7.3, and 2.11 before 2.11.3, and 2.15 bef...

Design/Logic Flaw

Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 halt in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on lin...

CVE-2016-4925 JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet

Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 halt in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on lin...

CVE-2016-4925

CVE-2016-4925 affects Juniper JUNOSe/J Series E Series routers with IPv6 licensed and enabled. Receipt of a specifically malformed IPv6 packet can trigger a processor exception 0x68616c74 (halt) in the scheduler, causing the line card to reboot. While the line card will recover, additional malfor...

CVE-2016-4923 Junos J-Web: Cross Site Scripting Vulnerability

Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data and credentials from a J-Web session and to perform administrative actions on the Junos device...

CVE-2016-4924 vMX: Information leak vulnerability

An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product...

FreeBSD Security Advisory FreeBSD-SA-14:19.tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:19.tcp Security Advisory The FreeBSD Project Topic: Denial of Service in TCP packet processing Category: core Module: inet Announced: 2014-09-16 Credits:...