Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:54:44 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1457327632&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Operating%20System%3A%20Juniper%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Fos%2Fjuniper%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1457327632.1338191684.1338191684.1338191684.1%3B%2B__utmz%3D32867617.1338191684.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/111610/sa48720.txt http://packetstormsecurity.org/files/111610/sa48720.txt http://packetstormsecurity.org/files/111610/Secunia-Security-Advisory-48720.html Thu, 05 Apr 2012 05:30:28 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/111607/sa48718.txt http://packetstormsecurity.org/files/111607/sa48718.txt http://packetstormsecurity.org/files/111607/Secunia-Security-Advisory-48718.html Thu, 05 Apr 2012 05:30:19 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/107079/sa46903.txt http://packetstormsecurity.org/files/107079/sa46903.txt http://packetstormsecurity.org/files/107079/Secunia-Security-Advisory-46903.html Thu, 17 Nov 2011 02:29:33 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to bypass certain security restrictions. http://packetstormsecurity.org/files/106869/sa46797.txt http://packetstormsecurity.org/files/106869/sa46797.txt http://packetstormsecurity.org/files/106869/Secunia-Security-Advisory-46797.html Fri, 11 Nov 2011 04:09:04 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to cause a DoS (Denial of Service). http://packetstormsecurity.org/files/100127/icmpv6-dos.txt http://packetstormsecurity.org/files/100127/icmpv6-dos.txt http://packetstormsecurity.org/files/100127/ICMPv6-Router-Announcement-Flooding-Denial-Of-Service.html Wed, 06 Apr 2011 16:29:18 GMT An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it. http://packetstormsecurity.org/files/99990/sa43983.txt http://packetstormsecurity.org/files/99990/sa43983.txt http://packetstormsecurity.org/files/99990/Secunia-Security-Advisory-43983.html Sat, 02 Apr 2011 02:57:01 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions. http://packetstormsecurity.org/files/96070/junipervpn-clickhack.txt http://packetstormsecurity.org/files/96070/junipervpn-clickhack.txt http://packetstormsecurity.org/files/96070/Juniper-VPN-Client-rdesktop-Click-Hack.html Mon, 22 Nov 2010 12:43:33 GMT Juniper VPN client with remote desktop lets an attacking spawn Internet Explorer prior to authentication. http://packetstormsecurity.org/files/95671/sa42145.txt http://packetstormsecurity.org/files/95671/sa42145.txt http://packetstormsecurity.org/files/95671/Secunia-Security-Advisory-42145.html Tue, 09 Nov 2010 07:59:31 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/95620/junsslvpn-xssbypass.txt http://packetstormsecurity.org/files/95620/junsslvpn-xssbypass.txt http://packetstormsecurity.org/files/95620/Juniper-SSL-VPN-Bypass-Cross-Site-Scripting.html Tue, 09 Nov 2010 01:05:48 GMT This is a list of older cross site scripting and bypass vulnerabilities associated with older Juniper IVE releases. http://packetstormsecurity.org/files/95600/ZDI-10-231.txt http://packetstormsecurity.org/files/95600/ZDI-10-231.txt http://packetstormsecurity.org/files/95600/Zero-Day-Initiative-Advisory-10-231.html Mon, 08 Nov 2010 23:34:08 GMT Zero Day Initiative Advisory 10-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper SA Series devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the meeting_testjava.cgi page which is used to test JVM compatibility. When handling the DSID HTTP header the code allows an attacker to inject arbitrary javascript into the page. This can be abused by an attacker to perform a cross-site scripting attack on the device. http://packetstormsecurity.org/files/91850/sa40561.txt http://packetstormsecurity.org/files/91850/sa40561.txt http://packetstormsecurity.org/files/91850/Secunia-Security-Advisory-40561.html Thu, 15 Jul 2010 07:01:23 GMT Secunia Security Advisory - Richard Brain has reported a vulnerability in Juniper IVE, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/91811/PR09-16.txt http://packetstormsecurity.org/files/91811/PR09-16.txt http://packetstormsecurity.org/files/91811/ProCheckUp-Security-Advisory-2009.16.html Thu, 15 Jul 2010 00:49:36 GMT Procheckup has found by making a malformed request to the Juniper IVE Web interface without authentication, that a vanilla cross site scripting (XSS) attack is possible. http://packetstormsecurity.org/files/90488/sa40117.txt http://packetstormsecurity.org/files/90488/sa40117.txt http://packetstormsecurity.org/files/90488/Secunia-Security-Advisory-40117.html Fri, 11 Jun 2010 13:54:17 GMT Secunia Security Advisory - Richard Brain has reported a weakness in Juniper IVE OS, which can be exploited by malicious people to conduct redirection attacks. http://packetstormsecurity.org/files/87953/junipersrx-dos.txt http://packetstormsecurity.org/files/87953/junipersrx-dos.txt http://packetstormsecurity.org/files/87953/Juniper-SRX-Critical-Denial-Of-Service.html Thu, 01 Apr 2010 23:28:06 GMT The Juniper SRX suffers from a dual-homed swapfile overflow error that can cause denial of service conditions. http://packetstormsecurity.org/files/87066/sa38841.txt http://packetstormsecurity.org/files/87066/sa38841.txt http://packetstormsecurity.org/files/87066/Secunia-Security-Advisory-38841.html Wed, 10 Mar 2010 07:03:31 GMT Secunia Security Advisory - Niels Heinen has reported a vulnerability in Juniper Networks Secure Access, which can be exploited by malicious people to conduct cross-site scripting attacks. http://packetstormsecurity.org/files/86959/junipersa-xss.txt http://packetstormsecurity.org/files/86959/junipersa-xss.txt http://packetstormsecurity.org/files/86959/Juniper-Secure-Access-Cross-Site-Scripting.html Sat, 06 Mar 2010 15:42:52 GMT Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected. http://packetstormsecurity.org/files/86309/sa38628.txt http://packetstormsecurity.org/files/86309/sa38628.txt http://packetstormsecurity.org/files/86309/Secunia-Security-Advisory-38628.html Mon, 15 Feb 2010 14:26:42 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Installer Service, which can be exploited by malicious people to compromise a vulnerable system. http://packetstormsecurity.org/files/83939/sa37786.txt http://packetstormsecurity.org/files/83939/sa37786.txt http://packetstormsecurity.org/files/83939/Secunia-Security-Advisory-37786.html Wed, 16 Dec 2009 15:35:57 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions. http://packetstormsecurity.org/files/83003/juniper_sslvpn_ive_setupdll.rb.txt http://packetstormsecurity.org/files/83003/juniper_sslvpn_ive_setupdll.rb.txt http://packetstormsecurity.org/files/83003/Juniper-SSL-VPN-IVE-JuniperSetupDLL.dll-ActiveX-Control-Buffer-Overflow.html Thu, 26 Nov 2009 00:34:53 GMT This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten. http://packetstormsecurity.org/files/83009/safenet_ike_11.rb.txt http://packetstormsecurity.org/files/83009/safenet_ike_11.rb.txt http://packetstormsecurity.org/files/83009/SafeNet-SoftRemote-IKE-Service-Buffer-Overflow.html Thu, 26 Nov 2009 00:34:53 GMT This Metasploit module exploits a stack overflow in Safenet SoftRemote IKE IreIKE.exe service. When sending a specially crafted udp packet to port 62514 an attacker may be able to execute arbitrary code. This Metasploit module has been tested with Juniper NetScreen-Remote 10.8.0 (Build 20) using windows/meterpreter/reverse_ord_tcp payloads. http://packetstormsecurity.org/files/81711/sa36829.txt http://packetstormsecurity.org/files/81711/sa36829.txt http://packetstormsecurity.org/files/81711/Secunia-Security-Advisory-36829.html Tue, 29 Sep 2009 12:47:23 GMT Secunia Security Advisory - Some vulnerabilities have been reported in Juniper JUNOS, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct script insertion attacks. http://packetstormsecurity.org/files/70814/sa32116.txt http://packetstormsecurity.org/files/70814/sa32116.txt http://packetstormsecurity.org/files/70814/Secunia-Security-Advisory-32116.html Sat, 11 Oct 2008 01:26:40 GMT Secunia Security Advisory - A vulnerability has been reported in multiple Juniper Networks products, which can be exploited by malicious people to manipulate the router's neighbor cache. http://packetstormsecurity.org/files/70566/juniper-xss.txt http://packetstormsecurity.org/files/70566/juniper-xss.txt http://packetstormsecurity.org/files/70566/juniper-xss.txt.html Thu, 02 Oct 2008 21:39:33 GMT Layered Defense Research Advisory - The Juniper Netscreen firewall NetOS version 5.4.0r9.0 suffers from a cross site scripting vulnerability. http://packetstormsecurity.org/files/70555/sa32078.txt http://packetstormsecurity.org/files/70555/sa32078.txt http://packetstormsecurity.org/files/70555/Secunia-Security-Advisory-32078.html Thu, 02 Oct 2008 21:01:10 GMT Secunia Security Advisory - A vulnerability has been reported in Juniper NetScreen ScreenOS, which can be exploited by malicious people to conduct script insertion attacks. http://packetstormsecurity.org/files/67971/sa31012.txt http://packetstormsecurity.org/files/67971/sa31012.txt http://packetstormsecurity.org/files/67971/Secunia-Security-Advisory-31012.html Thu, 10 Jul 2008 01:44:47 GMT Secunia Security Advisory - A vulnerability has been reported in various Juniper Network products, which can be exploited by malicious people to poison the DNS cache.