Remote crash of ScreenOS via the SSHv1 service


Article ID: JSA10339 (SECURITY_ADVISORIES)
Last Updated: 09 May 2013
Version: 3.0
Legacy Advisory Id: PSN-2004-08-003
Product Affected:
Juniper Networks NetScreen firewalls with SSHv1 enabled
Problem:
On Juniper Networks NetScreen firewalls, the SSHv1 service implementation contains a defect that allows an attacker to crash ScreenOS.

A malicious person who can open a TCP connection to the SSHv1 service on a Juniper Networks NetScreen firewall can crash the device before authenticating. When the attack is executed, the firewall reboots or hangs, and no traffic flows through the device until it recovers.

Solution:
The SSHv1 code has been updated to eliminate the vulnerability.
Implementation:
Customers have a number of choices to mitigate the attack:
  1. Upgrade the firewall to one of the following versions of ScreenOS:
    Version         Availability
    5.0.0r8         Now
    5.0.0r8.1       Now
    4.0.0r13        Now
    4.0.1r11        Now
    4.0.3r8         Now
    4.0.1-Dial2r5   Now
    4.0.1-SBRr5     Now
    4.0.1-IGMP3r4   Now
    4.0.1-MCASTr2   Now
    3.0.3r9         Now
  2. Disable SSHv1 and manage the device through other means (such as SSHv2 or HTTPS).
  3. Configure the firewall to accept management connections only from trusted IP addresses. Enabling IP spoof protection on the zone facing untrusted networks adds a further layer of defense, since the trusted-address restriction alone can be bypassed by a spoofed source address.
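The following ScreenOS CLI sequence is an added example of mitigations 2 and 3 above; it is not part of the advisory. Interface names (ethernet1, ethernet3), the zone name Untrust and the management subnet 10.1.1.0/24 are assumptions to be replaced with your own values, and lines beginning with `#` are annotations for the reader, not commands.

```text
# Step 0: confirm the running ScreenOS release and the current SSH state
get system
get ssh

# Mitigation 2a: stop offering SSHv1 by switching the service to SSHv2.
# SSH must be disabled before the protocol version can be changed.
unset ssh enable
set ssh version v2
set ssh enable

# Mitigation 2b (alternative): turn SSH off altogether and manage the
# device over HTTPS (WebUI over SSL) on the internal management interface
unset ssh enable
set interface ethernet1 manage ssl
unset interface ethernet1 manage ssh

# Mitigation 3: restrict administrative sessions to trusted hosts ...
set admin manager-ip 10.1.1.0 255.255.255.0
# ... remove the management service from the untrusted-facing interface ...
unset interface ethernet3 manage ssh
unset interface ethernet3 manage web
# ... and enable IP spoof protection on the untrusted zone so that packets
# forging a trusted source address are dropped
set zone Untrust screen ip-spoofing

# Verify and persist the changes
get ssh
get admin manager-ip
save
```

Re-run `get ssh` afterwards and confirm the reported version is v2 (or that SSH is disabled). Even with the service restricted to trusted hosts, the upgrade in option 1 remains the real fix: the restriction only narrows who can reach the vulnerable code, it does not remove it.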
Severity Level:
High
Severity Assessment:
The vulnerability requires the attacker to complete a TCP connection to the SSH service on the firewall, which limits exposure to hosts that can reach a management-enabled interface. However, the attack does not require an authenticated session, so any host able to reach the SSHv1 listener can trigger it.