A Malicious user can cause a remote denial of service in Juniper NSM (NetScreen-Security Manager) by sending specially crafted and long strings to guiSrv(port 7800) and devSrv(port 7801).
797817f93ca63bd55c20e9ac4d6c679d95eeadee929cea0952179beb1d73a6e5
Juniper NSM remote Denial Of Service
"NetScreen-Security Manager is a software that enables you to integrate and
centralize management of your Juniper Networks NetScreen security environment."
More information can be found on
http://www.juniper.net/customers/support/products/nsm.jsp
Description:
Malicious user can cause a remote denial of service on
guiSrv(port 7800) and devSrv(port 7801) by sending specially
crafted and long strings.
NSM 2004 FP2 and FP3 are known to be vulnerable.
By default, a watchdog service is installed with NSM.
It is able to restart automatically dead services
(the test is about every 5 min).
Proof of Concept:
I am not intent to publicly disclose the PoC.
Workaround:
Upgrade at least to NSM FP4r1 also known as 2005.1
Thanks to quick responses from Juniper Security Team.
David Maciejak
--------------------------------------------------------------------------------
KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr