Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

2014-11 Security Bulletin: CTPOS: Multiple vulnerabilities resolved by third party software upgrades

0

0

Article ID: JSA10660 SECURITY_ADVISORIES Last Updated: 05 Mar 2017Version: 2.0
Product Affected:
CTPOS releases prior to 6.6R2.
Problem:

CTPOS release 6.6R2 addresses vulnerabilities in prior releases with NTP updated from 4.2.2 to 4.2.6, OpenSSH updated from 5.1 to 6.6 and OpenSSL updated from 0.9.8w to 0.9.8za. The following is a summary of vulnerabilities ordered by risk score:

CVECVSS v2 base scoreSummary
CVE-2009-01596.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)NTP stack-based buffer overflow that could allow remote NTP servers to execute arbitrary code via a crafted response.
CVE-2014-02246.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)OpenSSL man in the middle vulnerability related to ChangeCipherSpec messages, aka the "CCS Injection" vulnerability.
CVE-2009-35636.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)NTP denial of service vulnerability.
CVE-2010-51075.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)OpenSSH denial of service (connection-slot exhaustion) vulnerability due to insecure default configuration.
CVE-2014-00764.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)OpenSSL ECDSA nonce disclosure via cache side-channel attacks vulnerability.
CVE-2014-34704.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)OpenSSL Denial of service related to anonymous ECDH cipher suites.
Solution:
All these issues are resolved in CTPOS 6.6R2 (released 20 June 2014) and later releases.
Workaround:
Limiting access to the device from only trusted hosts would help mitigate or reduce the risks of exposure to these issues.

Implementation:
CTPOS Releases are available for download from http://www.juniper.net/support/downloads/.

Modification History:
Modification History:

2014-11-12: Initial publication.
2017-03-05: Category restructure.

CVSS Score:
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Severity Level:
Medium
Severity Assessment:
NTP vulnerability CVE-2009-0159 and OpenSSL vulnerability CVE-2014-0224 have the highest CVSS v2 base score of 6.8 in this advisory.
Acknowledgements:

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search