TTCSIRT-107.041318: TT-CSIRT Advisory – Juniper Security Updates

Juniper Networks has released a series of security updates to address several vulnerabilities in its products.

Details are as follows:

a) Junos OS – kernel crash upon receipt of crafted CLNP packets (CVE-2018-0016)

b) SRX Series – denial-of-service vulnerability in flowd daemon on devices configured with NAT-PT (CVE-2018-0017)

c) SRX Series – crafted packet may lead to information disclosure and firewall rule bypass during compilation of IDP policies (CVE-2018-0018)

d) Junos – denial-of-service vulnerability in SNMP MIB-II subagent daemon (mib2d) (CVE-2018-0019)

e) Junos OS – rpd daemon cores due to malformed BGP UPDATE packet (CVE-2018-0020)

f) Steel-Belted Radius Carrier – eclipse Jetty information disclosure vulnerability (CVE-2015-2080)

g) NorthStar – return of Bleichenbacher’s Oracle Threat (ROBOT) RSA SSL attack (CVE-2017-1000385)

h) OpenSSL – multiple vulnerabilities resolved in OpenSSL

i) Junos OS – multiple vulnerabilities in stunnel 5.38

j) NSM Appliance – multiple vulnerabilities resolved in CentOS 6.5-based 2012.2R12 release

k) Junos OS – short MacSec keys may allow man-in-the-middle attacks

l) Junos OS – mbuf leak due to processing MPLS packets in VPLS networks (CVE-2018-0022)

m) Junos Snapshot Administrator (JSNAPy) – world writeable default configuration file permission (CVE-2018-0023)

A remote attacker could exploit some of these vulnerabilities to take control of an affected system.