Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed.
7858808a9580d86e2e50d68ec558fefa12e52e066ec9cec0e4eb1dad8f3869c8A special crafted ICMP ECHO REQUEST can cause a denial of service condition on the Juniper SSG20.
65c2ed19eba0758f8c760b12d4765618e61203e44d05a5145cb0d2a79e35d225Juniper JunOS version 9.x suffers from a html injection vulnerability that allows for cross site scripting attacks.
29ccd87908529598304cd583f8ee5922f7df5671abd5b2cd835597f7343deffdJuniper Secure Access software suffers from a reflective cross site scripting vulnerability.
1e91a40814ce854dfbc08417fc774b84fa293848396a5db20ca9b655cc2fc7d0Secunia Security Advisory - A vulnerability has been reported in Juniper JunosE, which can be exploited by malicious people to cause a DoS (Denial of Service).
08b8b6a0e8065ce1da5d3243663e8f8be801cdcc79193e1ced3e6a3cd4df6369This is a presentation called Router Exploitation. It was given at BlackHat 2009. It discusses various vendors such as Cisco, Juniper, Huawei, and more.
d251e8ce38047dd92c1a121ab52dccf2904bfc18ca85475675ae8202a6a1241dSecunia Security Advisory - Dell SecureWorks has reported a vulnerability in Juniper Networks Mobility System, which can be exploited by malicious people to conduct cross-site scripting attacks.
893f92e0d1f70719368fa3a17fcc9b5ed6140ec7a976fa7684bdb43d205625f2Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.
7f2939c51ae2de49c84a3603094e0241b465006371436fd834f9291f9d7516a0Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.
9c885039dd4a5ea03c2cbbac3693f855bbb1db856940a8abb123c687747653adSecunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to bypass certain security restrictions.
31caf995dcbdcc45328b21cc63fc2006c9e06b259429e5818928423199aed36dSecunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to cause a DoS (Denial of Service).
6896de19a7c2dc47cf7498f8ebc3a330877b75201e4e0de7a0ec5ae25b683114An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.
b678a0b413550ec37fd50aa3338c0642a3b7f81dcdd9c330b6d7ffb73e786564Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions.
b7eb2e6d1ffc372841ec4312e98ca31e42075ca173fae964ed7c7e283f5bb9eaJuniper VPN client with remote desktop lets an attacking spawn Internet Explorer prior to authentication.
f6891045a7207af4d1a8fb5787e4acbee0b1a68022babe3bae8c08623c705fa7Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.
fe70a8701491bdb2732230e4912a2680b6cf9116ef4aae3fd54dac2652b68f19This is a list of older cross site scripting and bypass vulnerabilities associated with older Juniper IVE releases.
373b779224dfe366049456b486a0f52893693761af7861f0c2f4e45a15feacc4Zero Day Initiative Advisory 10-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper SA Series devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the meeting_testjava.cgi page which is used to test JVM compatibility. When handling the DSID HTTP header the code allows an attacker to inject arbitrary javascript into the page. This can be abused by an attacker to perform a cross-site scripting attack on the device.
99b5f28f3dda214bda4fefa3c825879f71b46d2042476feb6389be98ef4324baSecunia Security Advisory - Richard Brain has reported a vulnerability in Juniper IVE, which can be exploited by malicious people to conduct cross-site scripting attacks.
7ee3aa86aac36fb85624d366661203467e364b82b6efdf7bcc3e68396ff7cd7bProcheckup has found by making a malformed request to the Juniper IVE Web interface without authentication, that a vanilla cross site scripting (XSS) attack is possible.
b19b3cf027c13feb0c9453befa1a1695ad3c71996e2d1625b3489dfef480afbaSecunia Security Advisory - Richard Brain has reported a weakness in Juniper IVE OS, which can be exploited by malicious people to conduct redirection attacks.
5e185368e124833316095a43821e03e16787a5718784932b39d02ddc8ceca014The Juniper SRX suffers from a dual-homed swapfile overflow error that can cause denial of service conditions.
47019e4b52e0979c5d0727ed6f034816ad6998bcfcbd19d8a1f7cd565264a61bSecunia Security Advisory - Niels Heinen has reported a vulnerability in Juniper Networks Secure Access, which can be exploited by malicious people to conduct cross-site scripting attacks.
67f3075b446d7ff37980caabb69f523d954d45a1d15391d6552cd4a5147e3886Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected.
0882671fc019f10145475cd894b03e06c77f59799dbbcde50b40394c2be3d4eeSecunia Security Advisory - A vulnerability has been reported in Juniper Networks Installer Service, which can be exploited by malicious people to compromise a vulnerable system.
0a4fea523623975783da3970e6e1b7a140133222524dc803b1b95d2baddc07bbSecunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions.
53c1f5598564f17c42e58e0e9b4474639f89c44bc3c838bc1384ba8cdb6bdb28
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed