JunOS Local Security Checks : Juniper Networks Junos OS QFX and EX Series Information Disclosure Vulnerability (JSA10773, Etherleak)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.106508

Categoría: JunOS Local Security Checks

Título: Juniper Networks Junos OS QFX and EX Series Information Disclosure Vulnerability (JSA10773, Etherleak)

Resumen: Junos OS on QFX and EX series is prone to an information; disclosure vulnerability also known as 'Etherleak'.

Descripción: Summary:
Junos OS on QFX and EX series is prone to an information
disclosure vulnerability also known as 'Etherleak'.

Vulnerability Insight:
QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices do
not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory
or data from previous packets. This issue is also known as 'Etherleak' and often detected as
CVE-2003-0001.

Vulnerability Impact:
An attacker may gain some sensitive information.

Affected Software/OS:
Junos OS 14.1 and 15.1 on specific QFX and EX devices.

Solution:
New builds of Junos OS software are available from Juniper.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2003-0001
@stake Security Advisory: A010603-1
http://www.atstake.com/research/advisories/2003/a010603-1.txt
Bugtraq: 20030106 Etherleak: Ethernet frame padding information leakage (A010603-1) (Google Search)
http://www.securityfocus.com/archive/1/305335/30/26420/threaded
Bugtraq: 20030110 More information regarding Etherleak (Google Search)
http://marc.info/?l=bugtraq&m=104222046632243&w=2
Bugtraq: 20030117 Re: More information regarding Etherleak (Google Search)
http://www.securityfocus.com/archive/1/307564/30/26270/threaded
CERT/CC vulnerability note: VU#412115
http://www.kb.cert.org/vuls/id/412115
http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf
http://www.osvdb.org/9962
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665
http://www.redhat.com/support/errata/RHSA-2003-025.html
http://www.redhat.com/support/errata/RHSA-2003-088.html
http://www.securitytracker.com/id/1031583
http://www.securitytracker.com/id/1040185
http://secunia.com/advisories/7996
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-2304
BugTraq ID: 95403
http://www.securityfocus.com/bid/95403
http://www.securitytracker.com/id/1037593

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.106508
Categoría:	JunOS Local Security Checks
Título:	Juniper Networks Junos OS QFX and EX Series Information Disclosure Vulnerability (JSA10773, Etherleak)
Resumen:	Junos OS on QFX and EX series is prone to an information; disclosure vulnerability also known as 'Etherleak'.
Descripción:	Summary: Junos OS on QFX and EX series is prone to an information disclosure vulnerability also known as 'Etherleak'. Vulnerability Insight: QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak' and often detected as CVE-2003-0001. Vulnerability Impact: An attacker may gain some sensitive information. Affected Software/OS: Junos OS 14.1 and 15.1 on specific QFX and EX devices. Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0001 @stake Security Advisory: A010603-1 http://www.atstake.com/research/advisories/2003/a010603-1.txt Bugtraq: 20030106 Etherleak: Ethernet frame padding information leakage (A010603-1) (Google Search) http://www.securityfocus.com/archive/1/305335/30/26420/threaded Bugtraq: 20030110 More information regarding Etherleak (Google Search) http://marc.info/?l=bugtraq&m=104222046632243&w=2 Bugtraq: 20030117 Re: More information regarding Etherleak (Google Search) http://www.securityfocus.com/archive/1/307564/30/26270/threaded CERT/CC vulnerability note: VU#412115 http://www.kb.cert.org/vuls/id/412115 http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf http://www.osvdb.org/9962 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2665 http://www.redhat.com/support/errata/RHSA-2003-025.html http://www.redhat.com/support/errata/RHSA-2003-088.html http://www.securitytracker.com/id/1031583 http://www.securitytracker.com/id/1040185 http://secunia.com/advisories/7996 http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0016.html Common Vulnerability Exposure (CVE) ID: CVE-2017-2304 BugTraq ID: 95403 http://www.securityfocus.com/bid/95403 http://www.securitytracker.com/id/1037593
Copyright	Copyright (C) 2017 Greenbone AG