CVSS: 5.0EPSS: 3%CPEs: 133EXPL: 3CVE-2005-2640 – Juniper NetScreen 5.0 - VPN 'Username' Enumeration
https://notcve.org/view.php?id=CVE-2005-2640
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid. • https://www.exploit-db.com/exploits/26168 http://marc.info/?l=bugtraq&m=112438068426034&w=2 http://secunia.com/advisories/16474 http://securitytracker.com/id?1014728 http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm http://www.securityfocus.com/bid/14595 •
CVSS: 5.0EPSS: 1%CPEs: 106EXPL: 0CVE-2004-1446
https://notcve.org/view.php?id=CVE-2004-1446
Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. • http://secunia.com/advisories/12208 http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt http://www.kb.cert.org/vuls/id/749870 http://www.securityfocus.com/bid/10854 https://exchange.xforce.ibmcloud.com/vulnerabilities/16876 •
CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 0CVE-2002-1547
https://notcve.org/view.php?id=CVE-2002-1547
Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0443.html http://archives.neohapsis.com/archives/bugtraq/2002-10/0446.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0053.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0054.html http://www.iss.net/security_center/static/10528.php http://www.kb.cert.org/vuls/id/930161 http://www.netscreen.com/support/alerts/11_06_02.html http://www.osvdb.org/4376 •
CVSS: 5.0EPSS: 1%CPEs: 9EXPL: 0CVE-2002-2150
https://notcve.org/view.php?id=CVE-2002-2150
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections. • http://www.iss.net/security_center/static/10449.php http://www.kb.cert.org/vuls/id/539363 http://www.securityfocus.com/bid/6023 •
CVSS: 5.0EPSS: 1%CPEs: 23EXPL: 0CVE-2002-0891
https://notcve.org/view.php?id=CVE-2002-0891
The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. El Interfaz web (WebUI) de NetScreen ScreenOS desde la 2.6.1r8 a la anterior a la 3.1.0r1 permite a atacantes remotos causar la Denegación de Servicios (por caida), mediante un nombre largo de usuario. • http://online.securityfocus.com/archive/1/274240 http://www.iss.net/security_center/static/9186.php http://www.netscreen.com/support/ns25_reboot.html http://www.securityfocus.com/bid/4842 •