CVSS: 7.5EPSS: 0%CPEs: 75EXPL: 0CVE-2017-2314 – Junos: RPD crash due to malformed BGP OPEN message
https://notcve.org/view.php?id=CVE-2017-2314
Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. By continuously sending specially crafted BGP OPEN messages, an attacker can repeatedly crash the rpd process causing prolonged denial of service. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 12.3 prior to 12.3R12-S4, 12.3R13, 12.3R3-S4; 12.3X48 prior to 12.3X48-D50; 13.3 prior to 13.3R4-S11, 13.3R10; 14.1 prior to 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R4-S7, 14.2R6-S4, 14.2R7; 15.1 prior to 15.1F2-S11, 15.1F4-S1-J1, 15.1F5-S3, 15.1F6, 15.1R4; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D33, 15.1X53-D50. La recepción de un mensaje BGP OPEN malformado puede causar que el proceso routing protocol daemon (rpd) se bloquee y reinicie. • http://www.securitytracker.com/id/1038889 https://kb.juniper.net/JSA10779 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 134EXPL: 0CVE-2017-2344 – Junos: Buffer overflow in sockets library
https://notcve.org/view.php?id=CVE-2017-2344
A routine within an internal Junos OS sockets library is vulnerable to a buffer overflow. Malicious exploitation of this issue may lead to a denial of service (kernel panic) or be leveraged as a privilege escalation through local code execution. The routines are only accessible via programs running on the device itself, and veriexec restricts arbitrary programs from running on Junos OS. There are no known exploit vectors utilizing signed binaries shipped with Junos OS itself. Affected releases are Juniper Networks Junos OS 12.1X46 prior to 12.1X46-D67; 12.3X48 prior to 12.3X48-D51, 12.3X48-D55; 13.3 prior to 13.3R10-S2; 14.1 prior to 14.1R2-S10, 14.1R8-S4, 14.1R9; 14.1X50 prior to 14.1X50-D185; 14.1X53 prior to 14.1X53-D122, 14.1X53-D45, 14.1X53-D50; 14.2 prior to 14.2R4-S9, 14.2R7-S7, 14.2R8; 15.1 prior to 15.1F2-S18, 15.1F6-S7, 15.1R4-S8, 15.1R5-S5, 15.1R6-S1, 15.1R7; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D231, 15.1X53-D47, 15.1X53-D48, 15.1X53-D57, 15.1X53-D64, 15.1X53-D70; 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R4-S4, 16.1R5; 16.2 prior to 16.2R2; 17.1 prior to 17.1R1-S3, 17.1R2; 17.2 prior to 17.2R1-S1, 17.2R2; 17.2X75 prior to 17.2X75-D30. • http://www.securityfocus.com/bid/99556 http://www.securitytracker.com/id/1038896 https://kb.juniper.net/JSA10792 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 53EXPL: 0CVE-2017-10601 – Junos OS: Insufficient authentication for user login when a specific system configuration error occurs.
https://notcve.org/view.php?id=CVE-2017-10601
A specific device configuration can result in a commit failure condition. When this occurs, a user is logged in without being prompted for a password while trying to login through console, ssh, ftp, telnet or su, etc., This issue relies upon a device configuration precondition to occur. Typically, device configurations are the result of a trusted administrative change to the system's running configuration. The following error messages may be seen when this failure occurs: mgd: error: commit failed: (statements constraint check failed) Warning: Commit failed, activating partial configuration. Warning: Edit the router configuration to fix these errors. • http://www.securitytracker.com/id/1038902 https://kb.juniper.net/JSA10802 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 96EXPL: 0CVE-2017-2303
https://notcve.org/view.php?id=CVE-2017-2303
On Juniper Networks products or platforms running Junos OS 12.1X46 prior to 12.1X46-D50, 12.1X47 prior to 12.1X47-D40, 12.3 prior to 12.3R13, 12.3X48 prior to 12.3X48-D30, 13.2X51 prior to 13.2X51-D40, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D35, 14.1X55 prior to 14.1X55-D35, 14.2 prior to 14.2R5, 15.1 prior to 15.1F6 or 15.1R3, 15.1X49 prior to 15.1X49-D30 or 15.1X49-D40, 15.1X53 prior to 15.1X53-D35, and where RIP is enabled, certain RIP advertisements received by the router may cause the RPD daemon to crash resulting in a denial of service condition. En productos o plataformas Juniper Networks que ejecutan Junos OS 12.1X46 anteriores a 12.1X46-D50, 12.1X47 anteriores a 12.1X47-D40, 12.3 anteriores a 12.3R13, 12.3X48 anteriores a 12.3X48-D30, 13.2X51 anteriores a 13.2X51-D40, 13.3 anteriores a 13.3R10, 14.1 anteriores a 14.1R8, 14.1X53 anteriores a 14.1X53-D35, 14.1X55 anteriores a 14.1X55-D35, 14.2 anteriores a 14.2R5, 15.1 anteriores a 15.1F6 o 15.1R3, 15.1X49 anteriores a 15.1X49-D30 o 15.1X49-D40, 15.1X53 anteriores a 15.1X53-D35, y donde RIP está habilitado, ciertos anuncios RIP recibidos por el router pueden causar que el demonio de RPD se bloquee resultando en una condición de denegación de servicio. • http://www.securityfocus.com/bid/95408 http://www.securitytracker.com/id/1037594 https://kb.juniper.net/JSA10772 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2300
https://notcve.org/view.php?id=CVE-2017-2300
On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets. En los clústeres de tipo chassis de dispositivos Juniper Networks SRX Series Services Gateways que ejecutan el sistema operativo versiones: Junos 12.1X46 anterior a 12.1X46-D65, 12.3X48 anterior a 12.3X48-D40 y12.3X48 anterior a 12.3X48-D60, el demonio flowd en el nodo principal del clúster, puede bloquearse y reiniciarse al intentar sincronizar una sesión multicast creada mediante paquetes multicast especialmente diseñados. • http://www.securityfocus.com/bid/95400 http://www.securitytracker.com/id/1037597 https://kb.juniper.net/JSA10768 •