Регистриране

Предупреждения


Juniper Networks публикува ъпдейти за защита


Juniper Networks публикува ъпдейти, отстраняващи уязвимости в множество продукти. Нападател дистанционно би използвал някои от тези уязвимости, за да поеме контрол над засегнатата система.

CERT България препоръчва на потребителите и администраторите да се запознаят със следните съвети за сигурност на Juniper и да приложат необходимите ъпдейти.

  • Junos OS: Kernel crash upon receipt of crafted CLNP packets (CVE-2018-0016)
  • SRX Series: Denial-of-service vulnerability in flowd daemon on devices configured with NAT-PT (CVE-2018-0017)
  • SRX Series: Crafted packet may lead to information disclosure and firewall rule bypass during compilation of IDP policies (CVE-2018-0018)
  • Junos: Denial-of-service vulnerability in SNMP MIB-II subagent daemon (mib2d) (CVE-2018-0019)
  • Junos OS: rpd daemon cores due to malformed BGP UPDATE packet (CVE-2018-0020)
  • Steel-Belted Radius Carrier: Eclipse Jetty information disclosure vulnerability (CVE-2015-2080)
  • NorthStar: Return of Bleichenbacher's Oracle Threat (ROBOT) RSA SSL attack (CVE-2017-1000385)
  • OpenSSL: Multiple vulnerabilities resolved in OpenSSL
  • Junos OS: Multiple vulnerabilities in stunnel 5.38
  • NSM Appliance: Multiple vulnerabilities resolved in CentOS 6.5-based 2012.2R12 release
  • Junos OS: Short MacSec keys may allow man-in-the-middle attacks
  • Junos OS: Mbuf leak due to processing MPLS packets in VPLS networks (CVE-2018-0022)
  • Junos Snapshot Administrator (JSNAPy) world writeable default configuration file permission (CVE-2018-0023


13.4.2018 г.

НОВИ ВИРУСИ RSS
УЯЗВИМОСТИ RSS