Page 2 of 9 results (0.002 seconds)

CVSS: 5.4EPSS: 0%CPEs: 67EXPL: 0

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. La implementación de OSPF en Juniper Junos hasta la versión 13.x, JunosE, y ScreenOS hasta la versión 6.3.x no considera la posibilidad de valores Link State ID duplicados en Link State Adverisement (LSA) antes de realizar operaciones en la base de datos LSA, lo que permite a atacantes remotos provocar una denegación de servicio (interrupción de enrutamiento) u obtener información sensible de paquetes a través de un paquete LSA manipulado, una vulnerabilidad relacionada con CVE-2013-0149. • http://www.kb.cert.org/vuls/id/229804 http://www.kb.cert.org/vuls/id/BLUU-97KQ26 •

CVSS: 5.0EPSS: 3%CPEs: 133EXPL: 3

Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid. • https://www.exploit-db.com/exploits/26168 http://marc.info/?l=bugtraq&m=112438068426034&w=2 http://secunia.com/advisories/16474 http://securitytracker.com/id?1014728 http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm http://www.securityfocus.com/bid/14595 •

CVSS: 4.3EPSS: 56%CPEs: 5EXPL: 0

NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0093.html http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0094.html http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0338.html http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0347.html http://www.iss.net/security_center/static/10699.php http://www.securityfocus.com/bid/6245 • CWE-16: Configuration •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0

NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours. • http://marc.info/?l=bugtraq&m=103827647621729&w=2 http://www.securityfocus.com/bid/6250 https://exchange.xforce.ibmcloud.com/vulnerabilities/10700 •