Web Server / Application favicon.ico Vendor Fingerprinting

The 'favicon.ico' file found on the remote web server belongs to a popular web server. This may be used to fingerprint the web server. This script was written by Javier Fernandez-Sanguino based on sample code written by Renaud Deraison in the nessus-plugins mailing list It is distributed under th...

CVE-2005-2640

Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but...

CVE-2005-2640

Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but...

CVE-2005-2640

The CVE describes a behavioral discrepancy information leak in Juniper Netscreen VPNs running ScreenOS 5.2.0 and earlier. When using IKE with pre-shared key authentication, remote attackers can enumerate valid usernames by sending an IKE Aggressive Mode packet: a response is generated for valid u...

[Full-disclosure] Juniper Netscreen VPN Username Enumeration Vulnerability

Juniper Netscreen VPN Username Enumeration Vulnerability 1. Overview NTA Monitor has discovered a VPN username enumeration vulnerability in the Juniper Netscreen integrated Firewall/VPN products while performing a VPN security test for a customer. The vulnerability affects remote access VPNs know...

Juniper NetScreen 5.0 - VPN 'Username' Enumeration

source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN users. With a valid username, an attacker can...

Juniper NetScreen 5.0 - VPN Username Enumeration

Juniper NetScreen 5.0 - VPN Username Enumeration source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN...

Juniper Netscreen VPN user enumeration

Different reply for existing user in IKE...

Netscreen VPN Detection

Binary data 2950.prm...

CVE-2004-1766

The CVE refers to NetScreen-Security Manager prior to Feature Pack 1 communicating with devices using ScreenOS 5.0 without encryption, allowing remote attackers to obtain sensitive information via sniffing. The available documents state the vulnerability and its impact (information disclosure) bu...

CVE-2004-1766

The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing...

CVE-2004-1446

Technical details (affected product/version, root cause, exploitability, and fix) are not publicly provided in the connected documents; monitor for updates.

CVE-2004-1446

Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service device reboot or hang via a crafted SSH v1 packet...

CVE-2004-0347

Cross-site scripting XSS vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 build 4797 allows remote authenticated users to execute arbitrary script as other users via the row parameter...

CVE-2002-1547

Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell SCS management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144...

CVE-2002-1547

Technical details for CVE-2002-1547 are not provided in the connected documents. The supplied data is limited to the initial description. Monitor for updates in case concrete details (affected products, impact, remediation) are published.

CVE-2004-0347

Cross-site scripting XSS vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 build 4797 allows remote authenticated users to execute arbitrary script as other users via the row parameter...

CVE-2004-0347

CVE-2004-0347 : A cross-site scripting (XSS) vulnerability exists in the delhomepage.cgi script of NetScreen‑SA 5000 Series running firmware 3.3 Patch 1 (build 4797). The issue allows remote authenticated users to inject and execute arbitrary script as other users via the row parameter. Affected ...

NetScreen Instant Virtual Extranet (IVE) platform contains cross-site scripting vulnerability in delhomepage.cgi

Overview NetScreen Instant Virtual Extranet IVE platform contains a cross-site scripting vulnerability in the row parameter of delhomepage.cgi, which could allow an attacker to mount a cross-site scripting attack. Description The Instant Virtual Extranet platform is an application security gatewa...

NetScreen-SA crossite scripting

Crossite scripting in delhomepage.cgi...