11 matches found
CVE-2013-4688
CVE-2013-4688 affects Juniper Junos SRX devices running 10.4 prior to 10.4R11, where the MSRPC Application Layer Gateway (ALG) is enabled. A remote, unauthenticated attacker can crash the process by sending crafted MSRPC requests, causing a denial of service (daemon crash). The issue is rooted in...
CVE-2013-4687
CVE-2013-4687 affects Juniper Junos on SRX devices: the flowd daemon can crash when certain ALGs are enabled, triggered by crafted TCP packets. Affected versions are Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6. Impact is remote denial of service via daemon cr...
CVE-2013-4685
Juniper Junos OS contains a buffer overflow in flowd when processing HTTP messages (CVE-2013-4685). Affected are SRX devices with Captive Portal and UAC enforcer role across listed revisions: 10.4 before 10.4S14; 11.4 before 11.4R7; 12.1 before 12.1R6; and 12.1X44 before 12.1X44-D15. The vulnerab...
CVE-2014-3815
CVE-2014-3815 affects Juniper Junos SRX Series devices, where SIP ALG processing allows remote attackers to crash the flowd daemon via a crafted SIP packet. Impact described as denial of service with affected versions: Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10. Public contex...
CVE-2014-3822
Summary: CVE-2014-3822 affects Juniper Junos SRX Series devices and relates to the IPv6-to-IPv4 translation path. The issue can be triggered by a malformed packet, causing a denial of service via the flowd process crash. Affected software/versions (as provided): Junos OS on SRX Series with 11.4 b...
CVE-2014-3825
CVE-2014-3825 affects Juniper SRX Series devices running Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10. When an Application Layer Gateway (ALG) is enabled, remote attackers can cause a denial of ser...
CVE-2014-0612
CVE-2014-0612 affects Juniper Junos OS when Dynamic IPsec VPN is enabled. A DoS condition allows remote attackers to cause new Dynamic VPN connections to fail and to induce high CPU/disk usage. Affected Junos versions include 11.4R10-S1, 11.4R11, 12.1X44 pre-D26 and pre-D30, 12.1X45 pre-D20, and ...
CVE-2014-3817
CVE-2014-3817 affects Juniper Networks Junos OS on SRX Series devices, where NAT protocol translation from IPv6 to IPv4 enabled allows remote attackers to cause a denial of service by sending a crafted IPv6→IPv4 packet that can hang or crash the flowd process. The issue impacts Junos versions lis...
CVE-2014-0617
The CVE-2014-0617 issue affects Juniper Junos OS on SRX Series gateways, with affected versions: 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7. The vulnerability is in the flow daemon (flowd) and allows a remote attacker to cause a denial of service (flow...
CVE-2013-4684
Concisely: CVE-2013-4684 affects Juniper Networks Junos OS on SRX devices where PIM and NAT are enabled. The Flow Daemon (flowd) can crash when processing specially crafted PIM packets, causing a denial of service. The OpenVAS NASL entry confirms the DoS via flowd crash; the patch path is labeled...
CVE-2014-0618
The CVE-2014-0618 entry affects Juniper Junos SRX Series gateways when configured as a UAC enforcer with Captive Portal enabled. A crafted HTTP message can cause the flowd daemon to crash, leading to remote denial of service. Affected versions include Junos releases prior to 10.4R16, 11.4R8, 12.1...