CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 0CVE-2017-2348 – Junos OS: jdhcpd daemon crash due to invalid IPv6 UDP packets
https://notcve.org/view.php?id=CVE-2017-2348
The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. Both high CPU utilization and repeated crashes of the jdhcpd daemon can result in a denial of service as DHCP service is interrupted. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D12, 14.1X53-D38, 14.1X53-D40 on QFX, EX, QFabric System; 15.1 prior to 15.1F2-S18, 15.1R4 on all products and platforms; 15.1X49 prior to 15.1X49-D80 on SRX; 15.1X53 prior to 15.1X53-D51, 15.1X53-D60 on NFX, QFX, EX. El demonio jdhcpd mejorado de Juniper puede experimentar un uso elevado de la CPU, o bloquearse y reiniciar al recibir un paquete UDP IPv6 no válido. • http://www.securitytracker.com/id/1038899 https://kb.juniper.net/JSA10800 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: 23EXPL: 0CVE-2017-2346 – MS-MPC or MS-MIC crash when passing large fragmented traffic through an ALG
https://notcve.org/view.php?id=CVE-2017-2346
An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of the Service PC can result in an extended denial of service condition. The issue can be seen only if NAT or stateful-firewall rules are configured with ALGs enabled. This issue was caused by the code change for PR 1182910 in Junos OS 14.1X55-D30, 14.1X55-D35, 14.2R7, 15.1R5, and 16.1R2. No other versions of Junos OS and no other Juniper Networks products or platforms are affected by this issue. • http://www.securitytracker.com/id/1038895 https://kb.juniper.net/JSA10794 •
CVSS: 7.5EPSS: 0%CPEs: 96EXPL: 0CVE-2017-2347 – Junos: Denial of Service vulnerability in rpd daemon
https://notcve.org/view.php?id=CVE-2017-2347
A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. Repeated crashes of the rpd daemon can result in an extended denial of service condition for the device. The affected releases are Junos OS 12.3X48 prior to 12.3X48-D50, 12.3X48-D55; 13.3 prior to 13.3R10; 14.1 prior to 14.1R4-S13, 14.1R8-S3, 14.1R9; 14.1X53 prior to 14.1X53-D42, 14.1X53-D50; 14.2 prior to 14.2R4-S8, 14.2R7-S6, 14.2R8; 15.1 prior to 15.1F2-S14, 15.1F5-S7, 15.1F6-S4, 15.1F7, 15.1R4-S7, 15.1R5-S1, 15.1R6; 15.1X49 prior to 15.1X49-D100; 15.1X53 prior to 15.1X53-D105, 15.1X53-D47, 15.1X53-D62, 15.1X53-D70; 16.1 prior to 16.1R3-S3, 16.1R4. No other Juniper Networks products or platforms are affected by this issue. Una vulnerabilidad de denegación de servicio en el demonio rpd de Juniper Networks Junos OS, permite que un paquete de ping MPLS malformado bloquee el demonio rpd si MPLS OAM está configurado. • http://www.securityfocus.com/bid/100236 http://www.securitytracker.com/id/1038892 https://kb.juniper.net/JSA10795 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 9%CPEs: 137EXPL: 0CVE-2017-2345 – Junos: snmpd denial of service upon receipt of crafted SNMP packet
https://notcve.org/view.php?id=CVE-2017-2345
On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet. Repeated crashes of the snmpd daemon can result in a partial denial of service condition. Additionally, it may be possible to craft a malicious SNMP packet in a way that can result in remote code execution. SNMP is disabled in Junos OS by default. Junos OS devices with SNMP disabled are not affected by this issue. • http://www.securityfocus.com/bid/99567 http://www.securitytracker.com/id/1038903 https://kb.juniper.net/JSA10793 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2017-10602 – Junos OS: buffer overflow vulnerability in Junos CLI
https://notcve.org/view.php?id=CVE-2017-10602
A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9, 14.2R6; 15.1 versions prior to 15.1F5, 15.1R3; 15.1X49 versions prior to 15.1X49-D40 on SRX Series; 15.1X53 versions prior to 15.1X53-D47 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D65 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200. Una vulnerabilidad de desbordamiento de búfer en la CLI de Junos OS puede permitir que un usuario autenticado local con privilegios de solo lectura y acceso a la CLI de Junos ejecute código con privilegios root. Las versiones afectadas son Juniper Networks Junos OS: versión 14.1X53 y versiones anteriores a 14.1X53-D46 en EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; Versiones 14.1X53 anteriores a 14.1X53-D130 en QFabric System; versión 14.2 y versiones anteriores a 14.2R4-S9, 14.2R6; versión 15.1 y versiones anteriores a 15.1F5, 15.1R3; versión 15.1X49 anteriores a 15.1X49-D40 en la serie SRX; versión 15.1X53 anteriores a 15.1X53-D47 en NFX150, NFX250; versión 15.1X53 anteriores a 15.1X53-D65 en la serie QFX10000; versión 15.1X53 anteriores a 15.1X53-D233 en QFX5110, QFX5200. • http://www.securityfocus.com/bid/100323 http://www.securitytracker.com/id/1038900 https://kb.juniper.net/JSA10803 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •