Juniper Networks ha lanzado actualizaciones de seguridad para abordar multiples vulnerabilidades que afectan a sus productos. Un atacante podría aprovechar algunas de estas vulnerabilidades para tomar el control de los sistemas afectados.
Se recomienda a los usuarios y administradores revisar los siguientes avisos de seguridad de Juniper y aplicar las actualizaciones necesarias:
ScreenOS: Etherleak vulnerability found on ScreenOS device (CVE-2018-0014)
Junos Space Security Director and Log Collector: Multiple vulnerabilities resolved in 17.2R1 release
CTPView: Multiple Linux kernel vulnerabilities
Junos Space: Multiple vulnerabilities resolved in 17.2R1 release
Junos OS: OpenSSH Memory exhaustion due to unregistered KEXINIT handler (CVE-2016-8858)
SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured. (CVE-2018-0009)
Junos: commit script may allow unauthenticated root login upon reboot (CVE-2018-0008)
Junos: bbe-smgd process denial of service while processing VLAN authentication requests/rejects (CVE-2018-0006)
Junos OS: MAC move limit configured to drop traffic may forward traffic. (CVE-2018-0005)
Junos OS: Kernel Denial of Service Vulnerability (CVE-2018-0004)
Junos OS: A crafted MPLS packet may lead to a kernel crash (CVE-2018-0003)
Junos OS: Malicious LLDP crafted packet leads to privilege escalation, denial of service. (CVE-2018-0007)
Junos OS: MX series, SRX series: Denial of service vulnerability in Flowd on devices with ALG enabled. (CVE-2018-0002)
Junos: Unauthenticated Remote Code Execution through J-Web interface (CVE-2018-0001)
ScreenOS: Etherleak vulnerability found on ScreenOS device (CVE-2018-0014)
Junos Space Security Director and Log Collector: Multiple vulnerabilities resolved in 17.2R1 release
CTPView: Multiple Linux kernel vulnerabilities
Junos Space: Multiple vulnerabilities resolved in 17.2R1 release
Junos OS: OpenSSH Memory exhaustion due to unregistered KEXINIT handler (CVE-2016-8858)
SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured. (CVE-2018-0009)
Junos: commit script may allow unauthenticated root login upon reboot (CVE-2018-0008)
Junos: bbe-smgd process denial of service while processing VLAN authentication requests/rejects (CVE-2018-0006)
Junos OS: MAC move limit configured to drop traffic may forward traffic. (CVE-2018-0005)
Junos OS: Kernel Denial of Service Vulnerability (CVE-2018-0004)
Junos OS: A crafted MPLS packet may lead to a kernel crash (CVE-2018-0003)
Junos OS: Malicious LLDP crafted packet leads to privilege escalation, denial of service. (CVE-2018-0007)
Junos OS: MX series, SRX series: Denial of service vulnerability in Flowd on devices with ALG enabled. (CVE-2018-0002)
Junos: Unauthenticated Remote Code Execution through J-Web interface (CVE-2018-0001)
