exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files

juniper-xss.txt
Posted Oct 2, 2008
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Research Advisory - The Juniper Netscreen firewall NetOS version 5.4.0r9.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
systems | juniper
SHA-256 | 9344e671e676c1c4e250d0863d105544249c0894b443ce3abbcaf6abdedf65a2

Related Files

Juniper SRX Firewall / EX Switch Remote Code Execution
Posted Feb 2, 2024
Authored by whiteOwl | Site whiteowl-pub.github.io

This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo() function on the login page of the target device, allowing to inspect the PHP configuration. This script also has the option to save the phpinfo() output to a file for further analysis.

tags | exploit, php, proof of concept
advisories | CVE-2023-36845
SHA-256 | 56c0a0ad9dba5be91bcf88dbed7e2234e764bf5d6166e8250dfe5f1920543e02
Juniper JunOS SRX / EX Remote Code Execution
Posted Aug 30, 2023
Authored by watchTowr Labs Team | Site github.com

A proof of concept exploit for chaining four CVEs to achieve remote code execution in Juniper JunOS within SRX and EX Series products.

tags | exploit, remote, code execution, proof of concept
systems | juniper
advisories | CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847
SHA-256 | ab0b70a7cc6a4a947d8faceced29674fb6ad7bf45e8a329120e642cb825e3c05
Juniper Secure Access SSL VPN Privilege Escalation
Posted Dec 22, 2018
Authored by Rafael Pedrero

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed.

tags | exploit
systems | juniper
advisories | CVE-2018-20193
SHA-256 | 7858808a9580d86e2e50d68ec558fefa12e52e066ec9cec0e4eb1dad8f3869c8
Juniper JunOS 9.x Cross Site Scripting
Posted Jul 24, 2013
Authored by Andrea Menin

Juniper JunOS version 9.x suffers from a html injection vulnerability that allows for cross site scripting attacks.

tags | exploit, xss
systems | juniper
advisories | CVE-2014-3821
SHA-256 | 29ccd87908529598304cd583f8ee5922f7df5671abd5b2cd835597f7343deffd
Juniper VPN Client rdesktop Click Hack
Posted Nov 22, 2010
Authored by niekt0

Juniper VPN client with remote desktop lets an attacking spawn Internet Explorer prior to authentication.

tags | exploit, remote
systems | juniper
SHA-256 | f6891045a7207af4d1a8fb5787e4acbee0b1a68022babe3bae8c08623c705fa7
Juniper SRX Critical Denial Of Service
Posted Apr 1, 2010
Authored by Disgraced Research Utility Group

The Juniper SRX suffers from a dual-homed swapfile overflow error that can cause denial of service conditions.

tags | advisory, denial of service, overflow
systems | juniper
SHA-256 | 47019e4b52e0979c5d0727ed6f034816ad6998bcfcbd19d8a1f7cd565264a61b
Juniper Secure Access Cross Site Scripting
Posted Mar 6, 2010
Authored by Logica

Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected.

tags | advisory, xss
systems | juniper
SHA-256 | 0882671fc019f10145475cd894b03e06c77f59799dbbcde50b40394c2be3d4ee
Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten.

tags | exploit, overflow, activex
systems | juniper
advisories | CVE-2006-2086
SHA-256 | 26f61dc73b61764daa3a06c44ab90c018a5f7c37d9a49f838a2c3b1e07f7ce49
FortiClient Format String
Posted Apr 2, 2009
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Research Advisory - FortiClient version 3.0.614 suffers from a format string vulnerability.

tags | advisory
SHA-256 | 03c7157f2662b4ea6613ac679d2324fc6483c5a47915efcd34f14575cddd1f83
Symantec PcAnywhere 10 Format String
Posted Mar 19, 2009
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Research Advisory - A local format string vulnerability was discovered within Symantec PcAnywhere version 10 thru 12.5. The vulnerability is due to improper processing of format strings within (.CHF) remote control file names or associated file path. When special crafted format strings are entered as the file name (%s%s%s%s%s.chf) or within the path of the CHF file the format string vulnerability is triggered. Making it possible to read/write arbitrary memory and at a minimum cause a denial of service condition.

tags | advisory, remote, denial of service, arbitrary, local
advisories | CVE-2009-0538
SHA-256 | a574bab9b99dda07703b1bfb56b0731c44ceff88c536d3484eab091eb2e196a5
alcatel-overflow.txt
Posted Aug 13, 2008
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Research Advisory - A stack based buffer overflow was discovered within Alcatel OmniSwitch product line.

tags | advisory, overflow
SHA-256 | 7990682cd4bcbd2b3f2495a6713625e60c4b87f4bffbdfcb203ecad33dac8594
lda-1-novell.txt
Posted Dec 6, 2006
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Advisory - A format string vulnerability was discovered within Novell client 4.91 . The vulnerability is due to improper processing of format strings within NMAS (Novell Modular Authentication Services) Information message window. An attacker who enters special crafted format strings in the Username field at the Novell logon and selects Sequences under the NMAS tab can read data from the winlogon process stack or read from arbitrary memory, and at a minimum cause a denial of service.

tags | advisory, denial of service, arbitrary
SHA-256 | 16000cd5b2e4b7f104dd288b51b65a2f794e2c097e823e6489eb20d40d32e75f
OfficesScan-Corp.txt
Posted Oct 4, 2006
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Advisory: TrendMicro OfficesScan Corporate is vulnerable to execution of arbitrary code, potential remote exploit, and denial of service.

tags | advisory, remote, denial of service, arbitrary
SHA-256 | d46d632af7507a699b201db1a7e5a3a5c7485df1d3c8ec670aa194187ccb1299
LD-13.txt
Posted Sep 14, 2006
Authored by Deral Heiland | Site LayeredDefense.com

Layered Defense Advisory 13 September 2006 - multiple versions of Symantec AntiVirus Corporate Edition and Symantec Client Security suffer from a format string vulnerability that can allow a local user to execute arbitrary code with elevated privileges.

tags | advisory, arbitrary, local
SHA-256 | 638ff7c2543279c25e07521456fb79452722ffd7d210c291df46f328afdfecee
juniperXSS.txt
Posted Jul 12, 2006
Authored by Darren Bounds

The Juniper Networks DX System log is vulnerable to a persistent, unauthenticated XSS attack. This vulnerability can be exploited by an attacker to obtain full administrative access to the Juniper DX appliance. Versions 5.1.x are affected.

tags | advisory
systems | juniper
SHA-256 | a1ed4a3e719624facdc99fa06c2d783d53aeb9a14ae8ced2f440bd4576ba2f62
JuniperNSM.txt
Posted Dec 29, 2005
Authored by David Maciejak

A Malicious user can cause a remote denial of service in Juniper NSM (NetScreen-Security Manager) by sending specially crafted and long strings to guiSrv(port 7800) and devSrv(port 7801).

tags | advisory, remote, denial of service
systems | juniper
SHA-256 | 797817f93ca63bd55c20e9ac4d6c679d95eeadee929cea0952179beb1d73a6e5
juniperEnum.txt
Posted Aug 19, 2005
Authored by Roy Hills | Site nta-monitor.com

NTA Monitor has discovered a VPN username enumeration vulnerability in the Juniper Netscreen integrated Firewall/VPN products while performing a VPN security test for a customer. The issue is believed to affect all models of Juniper Netscreen running all ScreenOS software versions up to 5.2.0.

tags | advisory
systems | juniper
SHA-256 | c62ad783ef552c15a0b4c2b7381e46c7d0b0f66225ab7c1191509fba5dade3fc
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close