JunOS Local Security Checks : Juniper Networks Junos OS Buffer Overflow when Processing HTTP Messages

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.103961

Kategorie: JunOS Local Security Checks

Titel: Juniper Networks Junos OS Buffer Overflow when Processing HTTP Messages

Zusammenfassung: Buffer Overflow in flowd when processing HTTP protocol messages

Beschreibung: Summary:
Buffer Overflow in flowd when processing HTTP protocol messages

Vulnerability Insight:
A buffer overflow vulnerability affects the flowd process while
processing HTTP protocol messages. This issue can be triggered when the SRX Series device is acting as a
Unified Access Control (UAC) enforcer in a UAC network with Captive Portal enabled.

Vulnerability Impact:
A remote attacker may execute arbitrary code using crafted HTTP
requests.

Affected Software/OS:
Junos OS on SRX Series running 10.4, 11.4 12.1, or 12.1X44.

Solution:
New builds of Junos OS software are available from Juniper.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-4685
BugTraq ID: 61125
http://www.securityfocus.com/bid/61125
http://osvdb.org/95108

Copyright Copyright (C) 2013 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.103961
Kategorie:	JunOS Local Security Checks
Titel:	Juniper Networks Junos OS Buffer Overflow when Processing HTTP Messages
Zusammenfassung:	Buffer Overflow in flowd when processing HTTP protocol messages
Beschreibung:	Summary: Buffer Overflow in flowd when processing HTTP protocol messages Vulnerability Insight: A buffer overflow vulnerability affects the flowd process while processing HTTP protocol messages. This issue can be triggered when the SRX Series device is acting as a Unified Access Control (UAC) enforcer in a UAC network with Captive Portal enabled. Vulnerability Impact: A remote attacker may execute arbitrary code using crafted HTTP requests. Affected Software/OS: Junos OS on SRX Series running 10.4, 11.4 12.1, or 12.1X44. Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4685 BugTraq ID: 61125 http://www.securityfocus.com/bid/61125 http://osvdb.org/95108
Copyright	Copyright (C) 2013 Greenbone AG