Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Session and Resource Control (SRC) appliances, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.
f005d07615295125f801081c178f30758ca3d13958ca911c9f830aa33d320d0a
----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/
----------------------------------------------------------------------
TITLE:
Juniper Networks Session and Resource Control Appliances SNMP HMAC
Spoofing
SECUNIA ADVISORY ID:
SA30626
VERIFY ADVISORY:
http://secunia.com/advisories/30626/
CRITICAL:
Less critical
IMPACT:
Spoofing
WHERE:
>From local network
OPERATING SYSTEM:
Juniper Networks Session and Resource Control (SRC) 1.x
http://secunia.com/product/19034/
Juniper Networks Session and Resource Control (SRC) 2.x
http://secunia.com/product/19036/
DESCRIPTION:
A vulnerability has been reported in Juniper Networks Session and
Resource Control (SRC) appliances, which can be exploited by
malicious people to spoof authenticated SNMPv3 packets.
For more information:
SA30574
The vulnerability is reported in versions 1.0.0, 1.0.1, or 2.0.0 on
the C-series Controllers.
SOLUTION:
Contact Juniper Networks Customer Support Center for product updates.
ORIGINAL ADVISORY:
http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z
OTHER REFERENCES:
SA30574:
http://secunia.com/advisories/30574/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------