CVSS: 5.4EPSS: 0%CPEs: 67EXPL: 0CVE-2013-7313
https://notcve.org/view.php?id=CVE-2013-7313
The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. La implementación de OSPF en Juniper Junos hasta la versión 13.x, JunosE, y ScreenOS hasta la versión 6.3.x no considera la posibilidad de valores Link State ID duplicados en Link State Adverisement (LSA) antes de realizar operaciones en la base de datos LSA, lo que permite a atacantes remotos provocar una denegación de servicio (interrupción de enrutamiento) u obtener información sensible de paquetes a través de un paquete LSA manipulado, una vulnerabilidad relacionada con CVE-2013-0149. • http://www.kb.cert.org/vuls/id/229804 http://www.kb.cert.org/vuls/id/BLUU-97KQ26 •
CVSS: 5.0EPSS: 3%CPEs: 133EXPL: 3CVE-2005-2640 – Juniper NetScreen 5.0 - VPN 'Username' Enumeration
https://notcve.org/view.php?id=CVE-2005-2640
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid. • https://www.exploit-db.com/exploits/26168 http://marc.info/?l=bugtraq&m=112438068426034&w=2 http://secunia.com/advisories/16474 http://securitytracker.com/id?1014728 http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm http://www.securityfocus.com/bid/14595 •
CVSS: 4.3EPSS: 56%CPEs: 5EXPL: 0CVE-2002-2234
https://notcve.org/view.php?id=CVE-2002-2234
NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0093.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0094.html http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0338.html http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0347.html http://www.iss.net/security_center/static/10699.php http://www.securityfocus.com/bid/6245 • CWE-16: Configuration •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0CVE-2002-2266
https://notcve.org/view.php?id=CVE-2002-2266
NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours. • http://marc.info/?l=bugtraq&m=103827647621729&w=2 http://www.securityfocus.com/bid/6250 https://exchange.xforce.ibmcloud.com/vulnerabilities/10700 •