6553 matches found
CVE-2009-3487
Multiple cross-site scripting XSS vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via 1 the JEXECOUTID parameter in a JEXECMODERELAYOUTPUT action to the jexec program; the 2 act, 3 refresh-time, or 4 ifid...
CVE-2009-3487
CVE-2009-3487 affects Juniper JUNOS 8.5R1.14 through the J-Web interface, with multiple XSS vectors that allow remote authenticated users to inject arbitrary script/HTML. Affected components/functions include: JEXEC_OUTID in JEXEC_MODE_RELAY_OUTPUT for the jexec program; parameters in scripter.ph...
CVE-2009-3485
Cross-site scripting XSS vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI...
CVE-2009-3485
CVE-2009-3485 is a cross-site scripting (XSS) vulnerability in the J-Web interface of Juniper JUNOS 8.5R1.14 and 9.0R1.1. The issue allows remote attackers to inject arbitrary web script or HTML via PATH_INFO to the default URI. Affected component: J-Web (Junos OS). Root cause: insufficient input...
Juniper Junos 8.59.0 J-Web Interface - diagnose Multiple Cross-Site Scripting Vulnerabilities
Juniper Junos 8.59.0 J-Web Interface - diagnose Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize...
Juniper Junos 8.59.0 J - Web Interface (Multiple Script) m[] Cross-Site Scripting
Juniper Junos 8.59.0 J - Web Interface Multiple Script m Cross-Site Scripting source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to...
Juniper Junos 8.59.0 J-Web Interface - configuration Multiple Cross-Site Scripting Vulnerabilities
Juniper Junos 8.59.0 J-Web Interface - configuration Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize...
Juniper Junos 8.59.0 J-Web Interface - scripter.php Multiple Cross-Site Scripting Vulnerabilities
Juniper Junos 8.59.0 J-Web Interface - scripter.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize...
Juniper Junos 8.59.0 J - Web Interface PATH_INFO Cross-Site Scripting
Juniper Junos 8.59.0 J - Web Interface PATHINFO Cross-Site Scripting source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Junip...
Juniper Junos 8.5/9.0 J-Web Interface - 'scripter.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Juniper Web Management. Attacker-supplied HTML or JavaScript code could ru...
Juniper Junos 8.5/9.0 J-Web Interface - '/configuration' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Juniper Web Management. Attacker-supplied HTML or JavaScript code could ru...
Juniper Junos 8.5/9.0 J - Web Interface (Multiple Script) 'm[]' Cross-Site Scripting
source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Juniper Web Management. Attacker-supplied HTML or JavaScript code could ru...
Juniper Junos 8.5/9.0 J-Web Interface - '/diagnose' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Juniper Web Management. Attacker-supplied HTML or JavaScript code could ru...
Juniper Junos 8.5/9.0 J - Web Interface 'PATH_INFO' Cross-Site Scripting
source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web Juniper Web Management. Attacker-supplied HTML or JavaScript code could ru...
SafeNet SoftRemote IKE Service Buffer Overflow
This module exploits a stack buffer overflow in Safenet SoftRemote IKE IreIKE.exe service. When sending a specially crafted udp packet to port 62514 an attacker may be able to execute arbitrary code. This module has been tested with Juniper NetScreen-Remote 10.8.0 Build 20 using...
Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN IVE appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten. This module...
Juniper Networks ScreenOS about.html页面信息泄露漏洞
BUGTRAQ ID: 34710 ScreenOS是Netscreen防火墙安全解决方案所使用的操作系统。 如果远程攻击者请求了ScreenOS的about.html文件,防火墙就会返回ScreenOS版本、补丁级别和功能集,这样无需任何认证便检索到了有关防火墙操作系统的信息。 Juniper Networks ScreenOS 6.2 Juniper Networks ScreenOS 6.1 Juniper Networks ScreenOS 5.4 Juniper Networks ---------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载...
Juniper Netscreen information leak
/about.html page shows device version information...
Juniper Advisory
PR09-05: ScreenOS remote information disclosure on Juniper Netscreen ScreenOS Firewalls Vulnerability found: 22nd March 2009 Vendor informed: 22nd March 2009 Severity: Low information disclosure Description: By simply requesting the about.html file, the firewall returns the version of ScreenOS an...
Cross site scripting
Cross-site scripting XSS vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the 1 web interface login page or the 2 telnet login page...