EUVD-2015-3088

Malware in sbrugna...

CVE-2015-3006

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOMINTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for...

Design/Logic Flaw

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOMINTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for...

CVE-2015-3006

CVE-2015-3006 applies to Juniper Junos OS on QFX3500 and QFX3600 switches. The described vulnerability is an entropy issue: during boot the device collects too few bytes from the RANDOM_INTERRUPT entropy source, which can lead to weak or duplicate SSH keys and self-signed SSL/TLS certificates. En...

CVE-2015-3006 Junos: QFX Series: Insufficient entropy on QFX3500 and QFX3600 platforms when the system boots up

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOMINTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for...

Authentication flaw

When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon rpd process to crash with a core file being generated. Affected...

CVE-2018-0060 Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash

An improper input validation weakness in the device control daemon process dcd of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not...

CVE-2017-2304

CVE-2017-2304 affects Juniper Junos OS on QFX3500/3600/5100/5200 and EX4300/EX4600 devices. The root cause is that Ethernet packets are not padded with zeros, allowing packets to reveal fragments of system memory or data from previous packets (Etherleak). Impact is information disclosure via netw...

Juniper Networks Junos OS Insufficient Entropy Vulnerability

Junos OS on QFX3500 and QFX3600 platforms is prone to a insufficient entropy vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...