Ubuntu Security Notice 436-2 - USN-436-1 fixed a vulnerability in KTorrent. The original fix for path traversal was incomplete, allowing for alternate vectors of attack. Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges.
9639d94610747e9a97954734b5c101e1362174b07ea0275b2e5704d1ab214c07nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previous known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, Latex, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing.
a75128e2626f14ada625af996d0cc31e1ef291817127bdbba5e261920efd95a3Gentoo Linux Security Advisory GLSA 200705-01 - Bryan Burns of Juniper Networks discovered a vulnerability in chunkcounter.cpp when processing large or negative idx values, and a directory traversal vulnerability in torrent.cpp. Versions less than 2.1.3 are affected.
b57efc215d1526e13a88dad0980b79388b365f50a3326ebe8a381ad5c7ef0948nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previous known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, Latex, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing.
8a276ed572ba90cc7ab49ab643f18c51290a4bc9979a5b90a9ddceef5007e7a1nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previous known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, Latex, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing.
5aee65e1cd6590e8b76900f368251e8c848189bf7ace791ee33a6fcb1d7485b2nipper is a Network Infrastructure Configuration Parser. nipper takes a network infrastructure device configuration, processes the file and details security-related issues with the configuration together with detailed recommendations. nipper was previous known as CiscoParse. nipper currently supports Cisco switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX/ASA/FWSM) and Juniper NetScreen (ScreenOS). Output is in HTML, Latex, XML and Text. Encrypted passwords can be output to a John-the-Ripper file for strength testing.
84d172e64a4af1c6d664513642c8f3369d04c1b3c807ecc1f9cde8eb702a2927Ubuntu Security Notice 436-1 - Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges.
c6a9911f676c52c44f13fff3ea2c268d124e8d46002028af110bf993cb7c6a6aSecunia Security Advisory - A vulnerability has been reported in various Juniper products, which potentially can be exploited by malicious people to bypass certain security restrictions.
81ba8675868f11fecc4cf4eb82c4c06ed3a44c85cf369a9164165f0283650786The Juniper Networks DX System log is vulnerable to a persistent, unauthenticated XSS attack. This vulnerability can be exploited by an attacker to obtain full administrative access to the Juniper DX appliance. Versions 5.1.x are affected.
a1ed4a3e719624facdc99fa06c2d783d53aeb9a14ae8ced2f440bd4576ba2f62Secunia Security Advisory - Darren Bounds has reported a vulnerability for Juniper DX, which can be exploited by malicious people to conduct script insertion attacks.
f7f6210991d578eefe9b9c6eadd0d61a7f819eed17c2bb70cfab3f5f97c14f09eEye Digital Security has discovered a critical vulnerability in Juniper Networks SSL-VPN Client ActiveX Control. JuniperSetup.ocx ActiveX control is automatically loaded through the web interface of Juniper Networks SSL-VPN. There is an exploitable buffer overflow in the handling a parameter of ActiveX control that will allow a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code though the web browser.
ae91c48bc6230bd6f8a1f277d0928e54cb08c88233c50af6a00fc28ae3d57404Secunia Security Advisory - eEye Digital Security has reported a vulnerability in Juniper IVE OS, which can be exploited by malicious people to compromise a user's system.
9774a845b72c7514d6bf2a4973514099ca891aa20e56eec2652ea88bd872243bA Malicious user can cause a remote denial of service in Juniper NSM (NetScreen-Security Manager) by sending specially crafted and long strings to guiSrv(port 7800) and devSrv(port 7801).
797817f93ca63bd55c20e9ac4d6c679d95eeadee929cea0952179beb1d73a6e5Secunia Security Advisory - Juniper has acknowledged a vulnerability in Juniper IVE OS, which potentially can be exploited by malicious people to bypass certain security restrictions.
ff85d8d62130c29010f72ee78cc63641664f8f1009da8b452e6c0c3e875f71d8Secunia Security Advisory - A vulnerability has been reported in JUNOS and JUNOSe, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA17553 The vulnerability has been reported in all Juniper Networks M/T/J/E-series routers running JUNOS or JUNOSe.
7db6678f47edd881dc85eb1a61081f36b51d8d727c8e4c48a7dbda82eb258b72NTA Monitor has discovered a VPN username enumeration vulnerability in the Juniper Netscreen integrated Firewall/VPN products while performing a VPN security test for a customer. The issue is believed to affect all models of Juniper Netscreen running all ScreenOS software versions up to 5.2.0.
c62ad783ef552c15a0b4c2b7381e46c7d0b0f66225ab7c1191509fba5dade3fcSecunia Security Advisory - NTA Monitor has reported a weakness in Juniper Netscreen VPN, which can be exploited by malicious people to gain knowledge of certain information.
dc54631a67b1f3e4f28f0612b9ef3c267191dfacbe0479dd225e644ec4a7eb09Secunia Security Advisory - Juniper Networks has acknowledged some security issues in the M-series and T-series routers running certain unspecified releases of JUNOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
434fe550944faf5f0720cf53cc4d6733d325f683c620dc4bfd83205abf760330Juniper Networks NetScreen Advisory 59147 - A malicious person who can connect to the SSHv1 service on a Juniper Networks Netscreen firewall can crash the device before having to authenticate. Upon execution of the attack, the firewall will reboot or hang, which will prevent traffic to flow through the device.
9bcd70260d6dde060190ee50a49684a445f003622c74f3d12acdfc64e035c869
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed