Page 92 of 537 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition for the SRX device. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D72; 12.3X48 versions prior to 12.3X48-D55; 15.1X49 versions prior to 15.1X49-D90. Una vulnerabilidad en la característica Network Address Translation - Protocol Translation (NAT-PT) de Junos OS en dispositivos de serie SRX puede permitir que un determinado paquete IPv6 válido cierre inesperadamente el demonio flowd. El cierre inesperado repetido del demonio flowd puede resultar en una condición de denegación de servicio extendida para los dispositivos de la serie SRX. • http://www.securityfocus.com/bid/103749 http://www.securitytracker.com/id/1040785 https://kb.juniper.net/JSA10845 • CWE-20: Improper Input Validation •

CVSS: 5.9EPSS: 0%CPEs: 215EXPL: 0

A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. While a mib2d process crash can disrupt the network monitoring via SNMP, it does not impact routing, switching or firewall functionalities. SNMP is disabled by default on devices running Junos OS. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D76; 12.3 versions prior to 12.3R12-S7, 12.3R13; 12.3X48 versions prior to 12.3X48-D65; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D130; 15.1 versions prior to 15.1F2-S20, 15.1F6-S10, 15.1R7; 15.1X49 versions prior to 15.1X49-D130; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66; 16.1 versions prior to 16.1R5-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D47; 16.1X70 versions prior to 16.1X70-D10; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; Una vulnerabilidad en el demonio de subagente SNMP MIB-II (mib2d) de Junos OS podría permitir que un atacante remoto en red provoque que el proceso mib2d se cierre inesperadamente, lo que resulta en una condición de denegación de servicio (DoS) para el subsistema SNMP. Aunque un cierre inesperado del proceso mib2d puede interrumpir la monitorización de red mediante SNMP, no impacta sobre las funcionalidades de enrutamiento, switching o firewall. • http://www.securitytracker.com/id/1040787 https://kb.juniper.net/JSA10847 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 177EXPL: 0

Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of a repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does not propagate to other BGP peers. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D130 on SRX; 15.1X53 versions prior to 15.1X53-D66 on QFX10K; 15.1X53 versions prior to 15.1X53-D58 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471 on NFX; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D47; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R2-S3, 17.1R3; 17.2 versions prior to 17.2R1-S3, 17.2R2-S1, 17.2R3; 17.2X75 versions prior to 17.2X75-D70; 13.2 versions above and including 13.2R1. Versions prior to 13.2R1 are not affected. • http://www.securitytracker.com/id/1040788 https://kb.juniper.net/JSA10848 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 85EXPL: 0

On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services protected by the SRX Series device. This issue only applies to devices where IDP policies are applied to one or more rules. Customers not using IDP policies are not affected. Depending on if the IDP updates are automatic or not, as well as the interval between available updates, an attacker may have more or less success in performing reconnaissance or bypass attacks on the victim SRX Series device or protected devices. ScreenOS with IDP is not vulnerable to this issue. • http://www.securityfocus.com/bid/103748 http://www.securitytracker.com/id/1040786 https://kb.juniper.net/JSA10846 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 186EXPL: 0

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number of mbufs that are currently in use and maximum number of mbufs that can be allocated on a platform: > show system buffers 2437/3143/5580 mbufs in use (current/cache/total) Once the device runs out of mbufs it will become inaccessible and a restart will be required. This issue only affects end devices, transit devices are not affected. • http://www.securityfocus.com/bid/103740 http://www.securitytracker.com/id/1040790 https://kb.juniper.net/JSA10855 • CWE-400: Uncontrolled Resource Consumption •