Netscreen Screenos Security Vulnerabilities and Issues — Netscreen Screenos CVE List

JuniperNetscreen Screenos

9 matches found

CVE•added 2002/05/03 4:0 a.m.•73 views

CVE-2002-0234

CVE-2002-0234 affects NetScreen ScreenOS prior to 2.6.1. The issue is a lack of a maximum concurrent-session limit, allowing a trusted-network attacker to perform a port scan to an external network that exhausts connections and causes denial of service. The provided documents describe the vulnera...

2.1CVSS6.8AI score0.00354EPSS

CVE•added 2004/09/01 4:0 a.m.•62 views

CVE-2002-1547

Technical details for CVE-2002-1547 are not provided in the connected documents. The supplied data is limited to the initial description. Monitor for updates in case concrete details (affected products, impact, remediation) are published.

5CVSS6.7AI score0.03547EPSS

CVE•added 2003/04/02 5:0 a.m.•60 views

CVE-2002-0891

The CVE-2002-0891 issue affects NetScreen ScreenOS WebUI (pre-2.6.1r8 and certain 2.8.x/3.0.x builds before 3.0.3r1). The vulnerability allows remote attackers to trigger a denial-of-service (crash) by sending a long user name to the WebUI. Impact is limited to availability (PARTIAL) as per the N...

5CVSS7AI score0.01632EPSS

CVE•added 2005/08/20 4:0 a.m.•59 views

CVE-2005-2640

The CVE describes a behavioral discrepancy information leak in Juniper Netscreen VPNs running ScreenOS 5.2.0 and earlier. When using IKE with pre-shared key authentication, remote attackers can enumerate valid usernames by sending an IKE Aggressive Mode packet: a response is generated for valid u...

5CVSS6.8AI score0.07093EPSS

CVE•added 2009/02/09 5:0 p.m.•58 views

CVE-2008-6096

Juniper ScreenOS prior to 5.4.0r10, 6.0.0r6, and 6.1.0r2 is vulnerable to cross-site scripting due to improper sanitization of user input on the web interface and telnet login pages. The issue allows an attacker to inject arbitrary script via the username field on login, potentially affecting use...

4.3CVSS5.8AI score0.01033EPSS

CVE•added 2005/11/16 9:17 p.m.•56 views

CVE-2002-2150

Technical details for CVE-2002-2150 are not publicly available in the provided connected documents. The materials reproduce the description but do not specify affected products, versions, root cause, or remediation. Monitor for updates.

5CVSS7.2AI score0.01986EPSS

CVE•added 2018/10/10 6:0 p.m.•56 views

CVE-2018-0059

CVE-2018-0059 concerns a stored cross-site scripting vulnerability in Juniper ScreenOS (GUI). The issue is triggered by an authenticated remote user who can inject Web/script content, potentially stealing data and credentials from a web administration session and tricking another admin into unint...

5.4CVSS5.2AI score0.00803EPSS

CVE•added 2005/02/13 5:0 a.m.•55 views

CVE-2004-1446

Technical details (affected product/version, root cause, exploitability, and fix) are not publicly provided in the connected documents; monitor for updates.

5CVSS7AI score0.03098EPSS

CVE•added 2002/03/09 5:0 a.m.•54 views

CVE-2001-0589

Technical details such as affected products, versions, root cause, or available fixes for CVE-2001-0589 are not provided in the connected documents. The given sources only reiterate the vulnerability at a high level; monitor for updates.

2.1CVSS6.7AI score0.00331EPSS