17 matches found
EUVD-2015-3089
Malware in sbrugna...
Juniper Networks SRX Series 安全漏洞
Juniper Networks SRX Series is a suite of SRX Series service gateway appliances from Juniper Networks, Inc. A security vulnerability exists in the Juniper Networks SRX Series that arises from an improper validation of the correctness of input syntax in Intrusion Detection and Prevention IDP, whic...
CVE-2022-22185
A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service DoS by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and...
Design/Logic Flaw
On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...
Design/Logic Flaw
The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel. Continued processing of these packets may result in an extended Denial of Service DoS condition. This issue only occurs...
Juniper SRX Series Junos OS Denial of Service Vulnerability
Juniper SRX Series is an SRX Series firewall appliance from Juniper Networks, Inc. Junos OS is the operating system that runs on it. A security vulnerability exists in Junos OS versions 12.1X46, 12.3X48, and 15.1X49 on the Juniper SRX Series. An attacker could exploit this vulnerability with...
Null pointer dereference
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet will cause a sustained Denial of Service condition. This issue require it to be received on an...
CVE-2017-2343
The Integrated User Firewall UserFW feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. As part of an internal security review of the UserFW services authentication API,...
Design/Logic Flaw
When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account. When an SRX Series device is in cluster mode, and a cluster sync or failover operatio...
Juniper Networks Junos OS SRX Series: Possible Unauthenticated Root Login Vulnerability
Junos OS on SRX series is prone to a possible unauthenticated root login vulnerability SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Code injection
The SRX Network Security Daemon nsd in Juniper SRX Series services gateways with Junos 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 allows remote DNS servers to cause a denial of service crash via a crafted DNS response...
Juniper SRX Series services gateways privilege acquisition vulnerability
The Juniper SRX Series is a family of Juniper Networks SRX devices running the Junos operating system. A component vulnerability in Juniper SRX Series services gateways with Junos OS versions 12.1X46 prior to 12.1X46-D35, 12.1X47 prior to 12.1X47-D25, and 12.3X48 prior to 12.3X48-D15 could allow ...
CVE-2015-3007
The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console insecure" feature, which allows physically proximate attackers to gain administrative privileges by...
CVE-2015-3007
The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console insecure" feature, which allows physically proximate attackers to gain administrative privileges by...
CVE-2014-3825
CVE-2014-3825 affects Juniper SRX Series devices running Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10. When an Application Layer Gateway (ALG) is enabled, remote attackers can cause a denial of ser...
CVE-2014-3825
The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway ALG is enabled, allows remote attackers to cause a denial of service flowd crash...
Juniper Junos SRX Series flowd Remote DoS (JSA10610)
According to its self-reported version number, the remote Junos device is affected by a denial of service vulnerability in the flow daemon flowd. A remote attacker can exploit this, via crafted IP packets, to crash the device. C Tenable Network Security, Inc. include"compat.inc"; if description...