7994 matches found
CVE-2016-1275
Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface...
CVE-2016-1277
Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R6, 15.1 before 15.1F6 or 15.1R3, and 15.1X49 before 15.1X49-D40, when configured with a GRE or IPIP tunnel, allow remot...
CVE-2016-1279
J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before...
CVE-2016-1280
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53...
CVE-2016-1277
Juniper Junos OS versions listed (various 12.1X, 12.3X, 13.3, 14.x, 15.x) are affected when GRE or IPIP tunnels are configured. The issue is triggered by a crafted ICMP packet, causing a remote kernel panic and resulting in a denial of service. The attack is network-reachable and does not require...
CVE-2016-1275
CVE-2016-1275 affects Juniper Junos OS prior to certain releases (13.3R9, 14.1R6 to 14.1R6-S1, and 14.1 prior to 14.1R7) when VPLS routing-instances are configured. The vulnerability allows a remote, adjacent attacker to obtain sensitive mbuf information by injecting a flood of Ethernet frames wi...
CVE-2016-1280
CVE-2016-1280 affects Juniper Junos OS: remote attackers can bypass certificate validation by presenting a self-signed cert whose issuer name matches a valid Junos CA, impacting certificates used for IKE/IPsec. Affected Junos versions span many 12.x–16.1 releases (e.g., before specific revisions ...
CVE-2016-1279
CVE-2016-1279 affects Juniper Networks Junos OS J-Web. The vulnerability could allow a remote attacker to obtain sensitive information and thereby gain administrative privileges via unspecified vectors. Affected Junos versions include J-Web on 12.1X46-D45/50, 12.1X47-D35, 12.3R12, 12.3X48-D25, 13...
CVE-2016-1263
CVE-2016-1263 affects Juniper Junos OS prior to certain 64‑bit builds. The issue allows remote attackers to cause a kernel crash by sending a crafted UDP packet to the device’s interface IP, potentially triggering DoS on 64‑bit systems. Affected versions/branches include 12.1X46-D45, 12.1X46-D50,...
Juniper Junos Denial of Service Vulnerability (CNVD-2016-06867)
Juniper Junos is a Juniper Networks network operating system designed for the company's hardware systems. The operating system provides a secure programming interface and the Junos SDK. Juniper Junos has a denial of service vulnerability that could be exploited by an attacker to cause a denial of...
CVE-2016-1278
Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the...
CVE-2016-1278
Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the...
CVE-2016-1276
Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X48 before 12.3X48-D25, and 15.1X49 before 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer Gateways ALGs enabled allow remote attackers to cause a denial of service CPU consumption, fab lin...
CVE-2016-1276
Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X48 before 12.3X48-D25, and 15.1X49 before 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer Gateways ALGs enabled allow remote attackers to cause a denial of service CPU consumption, fab lin...
Design/Logic Flaw
Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the...
Design/Logic Flaw
Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X48 before 12.3X48-D25, and 15.1X49 before 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer Gateways ALGs enabled allow remote attackers to cause a denial of service CPU consumption, fab lin...
CVE-2016-1276
Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X48 before 12.3X48-D25, and 15.1X49 before 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer Gateways ALGs enabled allow remote attackers to cause a denial of service CPU consumption, fab lin...
CVE-2016-1278
Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the...
CVE-2016-1278
CVE-2016-1278 affects Juniper Junos OS on SRX Series devices. A failed upgrade to 12.1X46 can cause the device to revert to a safe mode with a flaw that allows root CLI logins without a password via the partition option of the upgrade, enabling local privilege escalation. Affected component is th...
CVE-2016-1276
CVE-2016-1276 affects Juniper Junos OS on High-End SRX-Series chassis with one or more Application Layer Gateways (ALGs) enabled. A DoS can be triggered by remote attackers via in-transit traffic matching ALG rules, causing CPU consumption, fab link failure, or flip-flop failovers. Affected versi...