Lucene search
K

6551 matches found

CVE
CVE
added 2009/02/09 5:0 p.m.59 views

CVE-2008-6096

Juniper ScreenOS prior to 5.4.0r10, 6.0.0r6, and 6.1.0r2 is vulnerable to cross-site scripting due to improper sanitization of user input on the web interface and telnet login pages. The issue allows an attacker to inject arbitrary script via the username field on login, potentially affecting use...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4Affected Software1
seebug.org
seebug.org
added 2008/10/07 12:0 a.m.24 views

Juniper ScreenOS HTML注入漏洞

BUGTRAQ ID:31528 CNCAN ID:CNCAN-2008100307 Juniper ScreenOS是一款用于Juniper防火墙设备上的操作系统。 Juniper ScreenOS包含的WEB接口登录缺少充分的输入验证,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 攻击者可以在登录过程中把JavaScript代码作为用户名部分数据,然后脚本代码会存储在设备事件记录中,当事件记录在NetScreen WEB控制台查看时可导致代码执行,成功的利用此漏洞可导致系统被入侵。 Juniper Networks ScreenOS 5.4 r9.0 升级到ScreenOS...

7.1AI score
Exploits0
Prion
Prion
added 2008/10/03 3:7 p.m.78 views

Design/Logic Flaw

The IPv6 Neighbor Discovery Protocol NDP implementation in 1 FreeBSD 6.3 through 7.1, 2 OpenBSD 4.2 and 4.3, 3 NetBSD, 4 Force10 FTOS before E7.7.1.1, 5 Juniper JUNOS, and 6 Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attacke...

9.3CVSS6.6AI score0.07425EPSS
Exploits0References24Affected Software3
CVE
CVE
added 2008/10/03 3:0 p.m.136 views

CVE-2008-2476

The CVE-2008-2476 issue concerns the IPv6 Neighbor Discovery Protocol (NDP) implementation in several vendors (FreeBSD 6.3–7.1; OpenBSD 4.2–4.3; NetBSD; Force10 FTOS pre-E7.7.1.1; Juniper JUNOS; Wind River VxWorks 5.x–6.4) that does not validate the origin of Neighbor Discovery messages. This all...

9.3CVSS6.2AI score0.07425EPSS
Exploits0References24Affected Software6
securityvulns
securityvulns
added 2008/10/03 12:0 a.m.46 views

Layered Defense Research Advisory: Juniper Netscreen Firewall Cross-Site-Scripting (XSS) event log injection

================================================== Layered Defense Research Advisory 1 October 2008 ================================================== 1 Affected Product Juniper Netscreen Firewall ScreenOS version 5.4.0r9.0 ================================================== 2 Severity Rating: Low...

6.5AI score
Exploits0
securityvulns
securityvulns
added 2008/10/03 12:0 a.m.26 views

Juniper Netscreen Firewall ScreenOS crossite scripting

Persistant crossite scripting with username stored in logs...

1.8AI score
Exploits0References1Affected Software1
Prion
Prion
added 2008/06/10 6:32 p.m.29 views

Authentication flaw

SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...

10CVSS6.8AI score0.6879EPSS
Exploits7References64Affected Software2
OSV
OSV
added 2008/06/10 6:32 p.m.2 views

DEBIAN-CVE-2008-0960

SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...

10CVSS6.8AI score0.6879EPSS
Exploits7References1
CVE
CVE
added 2008/06/10 6:0 p.m.219 views

CVE-2008-0960

CVE-2008-0960 describes an SNMPv3 HMAC verification flaw where the client specifies the HMAC length, enabling spoofing of authenticated SNMPv3 packets. Affected implementations include Net-SNMP 5.2.x (pre-5.2.4.1), 5.3.x (pre-5.3.2.1), 5.4.x (pre-5.4.1.1); UCD-SNMP; eCos; Juniper SRC C-series (1....

10CVSS6.7AI score0.6879EPSS
Exploits7References64Affected Software2
RedHat Linux
RedHat Linux
added 2008/06/10 2:7 p.m.78 views

net-snmp SNMPv3 authentication bypass (VU#877044)

SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...

10CVSS5.9AI score0.6879EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2008/06/10 7:1 a.m.5 views

net-snmp SNMPv3 authentication bypass (VU#877044)

SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...

10CVSS5.9AI score0.6879EPSS
Exploits7References4
UbuntuCve
UbuntuCve
added 2008/06/10 12:0 a.m.31 views

CVE-2008-0960

SNMPv3 HMAC verification in 1 Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; 2 UCD-SNMP; 3 eCos; 4 Juniper Session and Resource Control SRC C-series 1.0.0 through 2.0.0; 5 NetApp aka Network Appliance Data ONTAP 7.3RC1 and 7.3RC2; 6 SNMP Research before 16.2; 7...

10CVSS6.6AI score0.6879EPSS
Exploits7References2
CERT
CERT
added 2008/06/10 12:0 a.m.97 views

SNMPv3 improper HMAC validation allows authentication bypass

Overview A vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass. Description SNMP can be configured to utilize version 3, which is the current standard version of SNMP. SNMPv3 incorporates security features such as authentication and...

6.7AI score
Exploits0References5
CERT
CERT
added 2008/05/01 12:0 a.m.30 views

BGP implementations do not properly handle UPDATE messages

Overview BGP implementations from multiple vendors including Juniper may not properly handle specially crafted BGP UPDATE messages. These vulnerabilities could allow an unauthenticated, remote attacker to cause a denial of service. Disrupting BGP communication could lead to routing instability...

7.8CVSS6.3AI score0.03745EPSS
Exploits0References17
NVD
NVD
added 2008/03/06 12:44 a.m.19 views

CVE-2008-1180

Cross-site scripting XSS vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to inject arbitrary web script or HTML via the deliverymode parameter...

4.3CVSS5.7AI score0.0179EPSS
Exploits1References7
Prion
Prion
added 2008/03/06 12:44 a.m.24 views

Information disclosure

Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an "Execute failed" error message...

5CVSS6.6AI score0.02451EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2008/03/06 12:44 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to inject arbitrary web script or HTML via the deliverymode parameter...

4.3CVSS6.1AI score0.0179EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2008/03/06 12:44 a.m.19 views

CVE-2008-1181

Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an "Execute failed" error message...

5CVSS6.1AI score0.02451EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/03/06 12:0 a.m.28 views

CVE-2008-1180

Cross-site scripting XSS vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to inject arbitrary web script or HTML via the deliverymode parameter...

5.7AI score0.0179EPSS
Exploits1References7
CVE
CVE
added 2008/03/06 12:0 a.m.52 views

CVE-2008-1180

The vulnerability CVE-2008-1180 affects Juniper Networks Secure Access 2000, version 5.5 R1 build 11711, where a Cross-site Scripting (XSS) flaw exists in dana-na/auth/rdremediate.cgi. The issue allows remote attackers to inject arbitrary web script or HTML via the delivery_mode parameter, implyi...

4.3CVSS5.7AI score0.0179EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder