Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

2013-07: Junos Routing, Switching, and Security: Security Advisories Released

0

0

Article ID: JSA10581 SECURITY_ADVISORIES Last Updated: 10 Jul 2013Version: 1.0
Legacy Advisory Id:
PSN-2013-07-974
Product Affected:
Various
Problem:
A new Junos product security advisory bundle has been released. This message contains the link to the new Juniper Security Advisories (JSAs) that have been released.

In the interest of speeding the delivery process for SIRT Security Announcements, the Juniper SIRT has implemented a small process change. When the Juniper SIRT publishes Security Advisories and/or Security Notices, a single master PSN (this PSN) will be pushed to subscribed customers which briefly lists the IDs, descriptions, and links for all of the individual Security Announcements being released together on that day.
Solution:
Please see the following links for more information about the new security advisories: 
  1. JSA10573 - SRX flowd core while processing PIM packets (CVE-2013-4684)
    http://kb.juniper.net/JSA10573

  2. JSA10574 - SRX buffer overflow vulnerability in flowd while processing HTTP protocol messages in a UAC environment (CVE-2013-4685)
    http://kb.juniper.net/JSA10574

  3. JSA10575 - Multiple security vulnerabilities in OpenSSL
    http://kb.juniper.net/JSA10575

  4. JSA10576 - Kernel crash during processing of certain ARP requests when proxy-arp and arp-resp options enabled (CVE-2013-4686)
    http://kb.juniper.net/JSA10576

  5. JSA10577 - Multiple SRX flowd crashes while processing certain TCP packets when TCP-based ALGs configured (CVE-2013-4687)
    http://kb.juniper.net/JSA10577

  6. JSA10578 - SRX flowd core while processing MSRPC messages (CVE-2013-4688)
    http://kb.juniper.net/JSA10578

  7. JSA10579 - SRX1400/3400/3600 vulnerable to 'Etherleak' packet fragment disclosure in Ethernet padding data (CVE-2013-4690)
    http://kb.juniper.net/JSA10579

  8. JSA10580 - SSL/TLS Renegotiation DoS vulnerability detected in Junos (CVE-2011-1473)
    http://kb.juniper.net/JSA10580
Workaround:
Not applicable.
Implementation:
 
CVSS Score:
Various
Severity Level:
None
Acknowledgements:
 

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search