CVE-2017-2336

CVE-2017-2336 is a reflected cross-site scripting vulnerability in Juniper ScreenOS (NetScreen Firewall+VPN) affecting ScreenOS 6.3.x prior to 6.3.0r24 on SSG Series. The issue allows a network-based attacker to inject HTML/JavaScript into a management session of other users, including administra...

CVE-2017-2337

CVE-2017-2337 concerns a persistent XSS flaw in Juniper Networks ScreenOS, affecting the NetScreen/WebUI of SSG Series devices. The issue allows a user with the 'security' role to inject HTML/JavaScript into another user’s management session, including administrators, effectively enabling command...

CVE-2017-2339

The CVE-2017-2339 issue concerns a persistent cross-site scripting (XSS) vulnerability in Juniper Networks ScreenOS, specifically within the NetScreen WebUI of the ScreenOS-based NetScreen Firewall+VPN. The vulnerability allows a user with the security role to inject HTML/JavaScript into other us...

CVE-2017-2336 ScreenOS: XSS vulnerability in ScreenOS Firewall

A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker...

CVE-2017-2337 ScreenOS: XSS vulnerability in ScreenOS Firewall

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the...

CVE-2017-2338

CVE-2017-2338 describes a persistent cross-site scripting (XSS) vulnerability in Juniper Networks ScreenOS WebUI used by NetScreen Firewall+VPN. A user with the security role can inject HTML/JavaScript into other users’ management sessions, potentially granting the attacker the ability to execute...

CVE-2017-2335 ScreenOS: XSS vulnerability in ScreenOS Firewall

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the...

CVE-2017-2339 ScreenOS: XSS vulnerability in ScreenOS Firewall

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the...

help.netscreen.com XSS vulnerability

Open Bug Bounty ID: OBB-187513 Description| Value ---|--- Affected Website:| help.netscreen.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2016-5357

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service application crash via a crafted file...

DEBIAN-CVE-2016-5357

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service application crash via a crafted file...

CVE-2016-5357

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service application crash via a crafted file...

Integer overflow

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service application crash via a crafted file...

UBUNTU-CVE-2016-5357

wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service application crash via a crafted file...

CVE-2016-5357

CVE-2016-5357 affects Wireshark 1.12.x up to before 1.12.12 and 2.x up to before 2.0.4. The NetScreen file parser (wiretap/netscreen.c) mishandles sscanf unsigned‑integer parsing, enabling a remote attacker to crash the application (DoS) via a crafted file. Remediation in the public record is to ...

FreeBSD : wireshark -- multiple vulnerabilities (313e9557-41e8-11e6-ab34-002590263bf5)

Wireshark development team reports : The following vulnerabilities have been fixed : - wnpa-sec-2016-29 The SPOOLS dissector could go into an infinite loop. Discovered by the CESG. - wnpa-sec-2016-30 The IEEE 802.11 dissector could crash. Bug 11585 - wnpa-sec-2016-31 The IEEE 802.11 dissector cou...

DSA-3615-1 wireshark - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3615-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Wireshark 1.12.x < 1.12.12 Multiple DoS

The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.12. It is, therefore, affected by multiple denial of service vulnerabilities : - An infinite loop exists in the SPOOLs dissector. A remote attacker, via a specially crafted packet or trace file, can exploit this...

Wireshark 2.0.x < 2.0.4 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.4 advisory. - epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the...