Juniper Networks Releases Security Updates
Juniper Networks Releases Security Updates
Juniper
Networks has released security updates to address vulnerabilities
affecting multiple products. A remote attacker could exploit some of
these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the following Juniper Security Advisories and apply necessary updates:
NCCIC encourages users and administrators to review the following Juniper Security Advisories and apply necessary updates:
- Junos OS (link is external): Kernel crash upon receipt of crafted CLNP packets (CVE-2018-0016)
- SRX Series (link is external): Denial-of-service vulnerability in flowd daemon on devices configured with NAT-PT (CVE-2018-0017)
- SRX Series (link is external): Crafted packet may lead to information disclosure and firewall rule bypass during compilation of IDP policies (CVE-2018-0018)
- Junos (link is external): Denial-of-service vulnerability in SNMP MIB-II subagent daemon (mib2d) (CVE-2018-0019)
- Junos OS (link is external): rpd daemon cores due to malformed BGP UPDATE packet (CVE-2018-0020)
- Steel-Belted Radius Carrier (link is external): Eclipse Jetty information disclosure vulnerability (CVE-2015-2080)
- NorthStar (link is external): Return of Bleichenbacher’s Oracle Threat (ROBOT) RSA SSL attack (CVE-2017-1000385)
- OpenSSL (link is external): Multiple vulnerabilities resolved in OpenSSL
- Junos OS (link is external): Multiple vulnerabilities in stunnel 5.38
- NSM Appliance (link is external): Multiple vulnerabilities resolved in CentOS 6.5-based 2012.2R12 release
- Junos OS (link is external): Short MacSec keys may allow man-in-the-middle attacks
- Junos OS (link is external): Mbuf leak due to processing MPLS packets in VPLS networks (CVE-2018-0022)
- Junos Snapshot Administrator (JSNAPy) (link is external) world writeable default configuration file permission (CVE-2018-0023)
コメント
コメントを投稿