Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Local Privilege Escalation Vulnerability in NS-Remote file IPSecDrv.sys

0

0

Article ID: JSA10378 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 2.0
Legacy Advisory Id:
PSN-2008-03-007
Product Affected:
NS-Remote 8.x NS-Remote 9.0 r1 NS-Remote 9.0 r2
Problem:
A security vulnerability in NS-Remote has been reported which allows a local process to gain elevated privileges. The vulnerability exists in the IPSecDrv.sys driver. The issue is locally exploitable only. If the user account already has administrative privileges, the vulnerability does not cause any additional security exposure. If the user account does not have administrative privileges, the vulnerability allows an arbitrary process to gain administrative privileges.
Solution:
Upgrade to NS-Remote 9.0r3 or above, which is available for download from the Juniper software download site.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search