Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

2012-07: Routing and Switching: Security Advisories Released

0

0

Article ID: JSA10526 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 1.0
Legacy Advisory Id:
PSN-2012-07-654
Product Affected:
Various
Problem:

A new Routing and Switching product security advisory bundle has been released. This message contains the link(s) to the new PSN advisories that have been released.

In the interest of speeding the delivery process for SIRT Security Announcements, the Juniper SIRT has implemented a small process change. When the Juniper SIRT publishes Security Advisories and/or Security Notices, a single master PSN (this PSN) will be pushed to subscribed customers which briefly lists the IDs, descriptions, and links for all of the individual Security Announcements being released together on that day.
Solution:

Please see the following links for more information about the new security advisories:
  1. PSN-2012-07-643: Incorrect behavior of SYN Cookie protection
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-643&viewMode=view

  2. PSN-2012-07-644: Kernel crash due to ICMPv6 packet with corrupted payload
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-644&viewMode=view

  3. PSN-2012-07-645: Incorrect integer conversions in OpenSSL can result in memory corruption (CVE-2012-2110)
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-645&viewMode=view

  4. PSN-2012-07-646: Loading factory-default from exclusive edit causes escalation of privileges
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-646&viewMode=view

  5. PSN-2012-07-647: rpd crash when receiving malformed IS-IS hello packets
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-647&viewMode=view

  6. PSN-2012-07-648: rpd process can hang following a specific PIM broadcast storm
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-648&viewMode=view

  7. PSN-2012-07-649: J-Web vulnerable to Cross Site Scripting
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-649&viewMode=view

  8. PSN-2012-07-650: J-Web vulnerable to hash table collision attacks (CVE-2011-3414)
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-650&viewMode=view

  9. PSN-2012-07-651: When 'log' action is enabled, a firewall filter deployed on lo0 cannot filter high rate of packets sent to the RE
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-651&viewMode=view

  10. PSN-2012-07-652: flowd core when processing non-first IP fragmented packets
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-652&viewMode=view

  11. PSN-2012-07-653: Inbound SSH traffic is allowed even though 'host-inbound-traffic' is not configured to allow it
    http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-07-653&viewMode=view

Severity Level:
None
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search