Showing 1 - 25 of 69

Operating System: Juniper

Juniper SRX Firewall / EX Switch Remote Code Execution
Posted Oct 2, 2023
Authored by Ron Bowes, Jacob Baines, jheysel-r7 | Site metasploit.com

This Metasploit module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD, and every FreeBSD process can access its stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The first is auto_prepend_file, which causes the provided file to be added using the require function. The second is allow_url_include, which allows the use of URL-aware fopen wrappers. By enabling allow_url_include, the exploit can use any protocol wrapper with auto_prepend_file. The module then uses data:// to provide a file inline which includes the base64 encoded PHP payload. By default this exploit returns a session confined to a FreeBSD jail with limited functionality. There is a datastore option, JAIL_BREAK, that when set to true will steal the necessary tokens from a user authenticated to the J-Web application in order to overwrite the root password hash. If there is no user authenticated to the J-Web application, this method will not work. The module then authenticates with the new root password over SSH and then rewrites the original root password hash to /etc/master.passwd.

tags | exploit, web, root, php, protocol
systems | freebsd, bsd, juniper
advisories | CVE-2023-36845
SHA-256 | 23552b23e1cc0e2022181944f8894c8f7203e6893e7d1127561c3ffd867b9517

Juniper JunOS SRX / EX Remote Code Execution
Posted Aug 30, 2023
Authored by watchTowr Labs Team | Site github.com

A proof of concept exploit for chaining four CVEs to achieve remote code execution in Juniper JunOS within SRX and EX Series products.

tags | exploit, remote, code execution, proof of concept
systems | juniper
advisories | CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847
SHA-256 | ab0b70a7cc6a4a947d8faceced29674fb6ad7bf45e8a329120e642cb825e3c05

Juniper Secure Access SSL VPN Privilege Escalation
Posted Dec 22, 2018
Authored by Rafael Pedrero

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed.

tags | exploit
systems | juniper
advisories | CVE-2018-20193
SHA-256 | 7858808a9580d86e2e50d68ec558fefa12e52e066ec9cec0e4eb1dad8f3869c8

Juniper SSG20 Denial Of Service
Posted Jan 23, 2014
Site ffri.jp

A specially crafted ICMP ECHO REQUEST can cause a denial of service condition on the Juniper SSG20.

tags | advisory, denial of service
systems | juniper
advisories | CVE-2013-6958
SHA-256 | 65c2ed19eba0758f8c760b12d4765618e61203e44d05a5145cb0d2a79e35d225

Juniper JunOS 9.x Cross Site Scripting
Posted Jul 24, 2013
Authored by Andrea Menin

Juniper JunOS version 9.x suffers from an HTML injection vulnerability that allows for cross site scripting attacks.

tags | exploit, xss
systems | juniper
advisories | CVE-2014-3821
SHA-256 | 29ccd87908529598304cd583f8ee5922f7df5671abd5b2cd835597f7343deffd

Juniper Secure Access Cross Site Scripting
Posted Jul 23, 2013
Authored by Anil Pazvant

Juniper Secure Access software suffers from a reflective cross site scripting vulnerability.

tags | advisory, xss
systems | juniper
advisories | CVE-2012-5460
SHA-256 | 1e91a40814ce854dfbc08417fc774b84fa293848396a5db20ca9b655cc2fc7d0

Secunia Security Advisory 51832
Posted Jan 15, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper JunosE, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | juniper
SHA-256 | 08b8b6a0e8065ce1da5d3243663e8f8be801cdcc79193e1ced3e6a3cd4df6369

Router Exploitation
Posted Nov 23, 2012
Authored by FX | Site recurity-labs.com

This is a presentation called Router Exploitation. It was given at BlackHat 2009. It discusses various vendors such as Cisco, Juniper, Huawei, and more.

tags | paper
systems | cisco, juniper
SHA-256 | d251e8ce38047dd92c1a121ab52dccf2904bfc18ca85475675ae8202a6a1241d

Secunia Security Advisory 49587
Posted Jun 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dell SecureWorks has reported a vulnerability in Juniper Networks Mobility System, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | juniper
SHA-256 | 893f92e0d1f70719368fa3a17fcc9b5ed6140ec7a976fa7684bdb43d205625f2

Secunia Security Advisory 48720
Posted Apr 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | juniper
SHA-256 | 7f2939c51ae2de49c84a3603094e0241b465006371436fd834f9291f9d7516a0

Secunia Security Advisory 48718
Posted Apr 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | juniper
SHA-256 | 9c885039dd4a5ea03c2cbbac3693f855bbb1db856940a8abb123c687747653ad

Secunia Security Advisory 46903
Posted Nov 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | juniper
SHA-256 | 31caf995dcbdcc45328b21cc63fc2006c9e06b259429e5818928423199aed36d

Secunia Security Advisory 46797
Posted Nov 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | juniper
SHA-256 | 6896de19a7c2dc47cf7498f8ebc3a330877b75201e4e0de7a0ec5ae25b683114

ICMPv6 Router Announcement Flooding Denial Of Service
Posted Apr 6, 2011
Authored by van Hauser

An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.

tags | advisory, denial of service
systems | cisco, freebsd, juniper
advisories | CVE-2010-4670, CVE-2010-4671, CVE-2010-4669
SHA-256 | b678a0b413550ec37fd50aa3338c0642a3b7f81dcdd9c330b6d7ffb73e786564

Secunia Security Advisory 43983
Posted Apr 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | juniper
SHA-256 | b7eb2e6d1ffc372841ec4312e98ca31e42075ca173fae964ed7c7e283f5bb9ea

Juniper VPN Client rdesktop Click Hack
Posted Nov 22, 2010
Authored by niekt0

Juniper VPN client with remote desktop lets an attacker spawn Internet Explorer prior to authentication.

tags | exploit, remote
systems | juniper
SHA-256 | f6891045a7207af4d1a8fb5787e4acbee0b1a68022babe3bae8c08623c705fa7

Secunia Security Advisory 42145
Posted Nov 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | juniper
SHA-256 | fe70a8701491bdb2732230e4912a2680b6cf9116ef4aae3fd54dac2652b68f19

Juniper SSL VPN Bypass / Cross Site Scripting
Posted Nov 9, 2010
Authored by Michal Zalewski

This is a list of older cross site scripting and bypass vulnerabilities associated with older Juniper IVE releases.

tags | exploit, vulnerability, xss, bypass
systems | juniper
SHA-256 | 373b779224dfe366049456b486a0f52893693761af7861f0c2f4e45a15feacc4

Zero Day Initiative Advisory 10-231
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper SA Series devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the meeting_testjava.cgi page, which is used to test JVM compatibility. When handling the DSID HTTP header, the code allows an attacker to inject arbitrary JavaScript into the page. This can be abused by an attacker to perform a cross-site scripting attack on the device.

tags | advisory, remote, web, arbitrary, cgi, javascript, xss
systems | juniper
SHA-256 | 99b5f28f3dda214bda4fefa3c825879f71b46d2042476feb6389be98ef4324ba

Secunia Security Advisory 40561
Posted Jul 15, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Richard Brain has reported a vulnerability in Juniper IVE, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | juniper
SHA-256 | 7ee3aa86aac36fb85624d366661203467e364b82b6efdf7bcc3e68396ff7cd7b

ProCheckUp Security Advisory 2009.16
Posted Jul 15, 2010
Authored by ProCheckUp, Richard Brain | Site procheckup.com

ProCheckUp has found that, by making a malformed request to the Juniper IVE Web interface without authentication, a vanilla cross site scripting (XSS) attack is possible.

tags | exploit, web, xss
systems | juniper
SHA-256 | b19b3cf027c13feb0c9453befa1a1695ad3c71996e2d1625b3489dfef480afba

Secunia Security Advisory 40117
Posted Jun 11, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Richard Brain has reported a weakness in Juniper IVE OS, which can be exploited by malicious people to conduct redirection attacks.

tags | advisory
systems | juniper
SHA-256 | 5e185368e124833316095a43821e03e16787a5718784932b39d02ddc8ceca014

Juniper SRX Critical Denial Of Service
Posted Apr 1, 2010
Authored by Disgraced Research Utility Group

The Juniper SRX suffers from a dual-homed swapfile overflow error that can cause denial of service conditions.

tags | advisory, denial of service, overflow
systems | juniper
SHA-256 | 47019e4b52e0979c5d0727ed6f034816ad6998bcfcbd19d8a1f7cd565264a61b

Secunia Security Advisory 38841
Posted Mar 10, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Niels Heinen has reported a vulnerability in Juniper Networks Secure Access, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | juniper
SHA-256 | 67f3075b446d7ff37980caabb69f523d954d45a1d15391d6552cd4a5147e3886

Juniper Secure Access Cross Site Scripting
Posted Mar 6, 2010
Authored by Logica

Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected.

tags | advisory, xss
systems | juniper
SHA-256 | 0882671fc019f10145475cd894b03e06c77f59799dbbcde50b40394c2be3d4ee