JunOS Local Security Checks : Juniper Networks Junos OS libc Vulnerability

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.106137

Category: JunOS Local Security Checks

Title: Juniper Networks Junos OS libc Vulnerability

Summary: Junos OS is prone to a vulnerability in libc.

Description: Summary:
Junos OS is prone to a vulnerability in libc.

Vulnerability Insight:
On April 22nd, 2009 FreeBSD announced that the db interface in libc
does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to
obtain sensitive information by reading a database file.

Junos OS operates on either FreeBSD 6.1 and earlier, or FreeBSD 10.1 and later depending on the version
of Junos OS.

Vulnerability Impact:
A local attacker may obtain sensitive information.

Affected Software/OS:
Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1

Solution:
New builds of Junos OS software are available from Juniper.

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1436
BugTraq ID: 34666
http://www.securityfocus.com/bid/34666
FreeBSD Security Advisory: FreeBSD-SA-09:07
http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc
http://osvdb.org/53918
http://www.securitytracker.com/id?1022113
http://secunia.com/advisories/34810

Copyright Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.106137
Category:	JunOS Local Security Checks
Title:	Juniper Networks Junos OS libc Vulnerability
Summary:	Junos OS is prone to a vulnerability in libc.
Description:	Summary: Junos OS is prone to a vulnerability in libc. Vulnerability Insight: On April 22nd, 2009 FreeBSD announced that the db interface in libc does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file. Junos OS operates on either FreeBSD 6.1 and earlier, or FreeBSD 10.1 and later depending on the version of Junos OS. Vulnerability Impact: A local attacker may obtain sensitive information. Affected Software/OS: Junos OS 12.1, 12.3, 13.2, 13.3, 14.1, 14.2 and 15.1 Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1436 BugTraq ID: 34666 http://www.securityfocus.com/bid/34666 FreeBSD Security Advisory: FreeBSD-SA-09:07 http://security.freebsd.org/advisories/FreeBSD-SA-09:07.libc.asc http://osvdb.org/53918 http://www.securitytracker.com/id?1022113 http://secunia.com/advisories/34810
Copyright	Copyright (C) 2016 Greenbone AG