JunOS Local Security Checks : Juniper Networks Junos OS OpenSSH Restriction Bypass Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.106046

Categoría: JunOS Local Security Checks

Título: Juniper Networks Junos OS OpenSSH Restriction Bypass Vulnerability

Resumen: Junos OS is prone to a restriction bypass vulnerability in OpenSSH.

Descripción: Summary:
Junos OS is prone to a restriction bypass vulnerability in OpenSSH.

Vulnerability Insight:
A vulnerability in OpenSSH may allow a remote network based
attacker to effectively bypass restrictions on number of authentication attempts, as defined by
MaxAuthTries settings on Junos.

Vulnerability Impact:
The vulnerability may enable brute force password attacks to gain
access to the device.

Affected Software/OS:
Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1

Solution:
New builds of Junos OS software are available from Juniper. As a
workaround disable password based authentication completely, and implement key based authentication
exclusively in the SSH server configuration.

CVSS Score:
8.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-5600
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
BugTraq ID: 75990
http://www.securityfocus.com/bid/75990
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
BugTraq ID: 92012
http://www.securityfocus.com/bid/92012
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
http://seclists.org/fulldisclosure/2015/Jul/92
https://security.gentoo.org/glsa/201512-04
https://www.arista.com/en/support/advisories-notices/security-advisories/1174-security-advisory-12
https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
http://openwall.com/lists/oss-security/2015/07/23/4
RedHat Security Advisories: RHSA-2016:0466
http://rhn.redhat.com/errata/RHSA-2016-0466.html
http://www.securitytracker.com/id/1032988
SuSE Security Announcement: SUSE-SU-2015:1581 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
http://www.ubuntu.com/usn/USN-2710-1
http://www.ubuntu.com/usn/USN-2710-2

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.106046
Categoría:	JunOS Local Security Checks
Título:	Juniper Networks Junos OS OpenSSH Restriction Bypass Vulnerability
Resumen:	Junos OS is prone to a restriction bypass vulnerability in OpenSSH.
Descripción:	Summary: Junos OS is prone to a restriction bypass vulnerability in OpenSSH. Vulnerability Insight: A vulnerability in OpenSSH may allow a remote network based attacker to effectively bypass restrictions on number of authentication attempts, as defined by MaxAuthTries settings on Junos. Vulnerability Impact: The vulnerability may enable brute force password attacks to gain access to the device. Affected Software/OS: Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1 Solution: New builds of Junos OS software are available from Juniper. As a workaround disable password based authentication completely, and implement key based authentication exclusively in the SSH server configuration. CVSS Score: 8.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5600 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 75990 http://www.securityfocus.com/bid/75990 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 BugTraq ID: 92012 http://www.securityfocus.com/bid/92012 http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html http://seclists.org/fulldisclosure/2015/Jul/92 https://security.gentoo.org/glsa/201512-04 https://www.arista.com/en/support/advisories-notices/security-advisories/1174-security-advisory-12 https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html http://openwall.com/lists/oss-security/2015/07/23/4 RedHat Security Advisories: RHSA-2016:0466 http://rhn.redhat.com/errata/RHSA-2016-0466.html http://www.securitytracker.com/id/1032988 SuSE Security Announcement: SUSE-SU-2015:1581 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html http://www.ubuntu.com/usn/USN-2710-1 http://www.ubuntu.com/usn/USN-2710-2
Copyright	Copyright (C) 2015 Greenbone AG