All the vulnerabilites related to juniper - netscreen_screenos
cve-2001-0589
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
EPSS score ?
Summary
NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6317 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/1780 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/2523 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2001-03/0375.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:04.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscreen-screenos-bypass-firewall(6317)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6317"
},
{
"name": "1780",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1780"
},
{
"name": "2523",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2523"
},
{
"name": "20010326 Netscreen: DMZ Network Receives Some \"Denied\" Traffic",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0375.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ \u0027denial\u0027 policy via specific traffic patterns."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscreen-screenos-bypass-firewall(6317)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6317"
},
{
"name": "1780",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1780"
},
{
"name": "2523",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2523"
},
{
"name": "20010326 Netscreen: DMZ Network Receives Some \"Denied\" Traffic",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0375.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0589",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ \u0027denial\u0027 policy via specific traffic patterns."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscreen-screenos-bypass-firewall(6317)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6317"
},
{
"name": "1780",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1780"
},
{
"name": "2523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2523"
},
{
"name": "20010326 Netscreen: DMZ Network Receives Some \"Denied\" Traffic",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0375.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0589",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-07-27T00:00:00",
"dateUpdated": "2024-08-08T04:30:04.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1547
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
EPSS score ?
Summary
Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.iss.net/security_center/static/10528.php | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2002-10/0443.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.netscreen.com/support/alerts/11_06_02.html | x_refsource_CONFIRM | |
| http://www.osvdb.org/4376 | vdb-entry, x_refsource_OSVDB | |
| http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0053.html | mailing-list, x_refsource_VULNWATCH | |
| http://www.kb.cert.org/vuls/id/930161 | third-party-advisory, x_refsource_CERT-VN | |
| http://archives.neohapsis.com/archives/bugtraq/2002-10/0446.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0054.html | mailing-list, x_refsource_VULNWATCH |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscreen-ssh-dos(10528)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10528.php"
},
{
"name": "20021101 Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0443.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.netscreen.com/support/alerts/11_06_02.html"
},
{
"name": "4376",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4376"
},
{
"name": "20021101 Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0053.html"
},
{
"name": "VU#930161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/930161"
},
{
"name": "20021101 (Correction) Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0446.html"
},
{
"name": "20021101 (Correction) Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0054.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscreen-ssh-dos(10528)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10528.php"
},
{
"name": "20021101 Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0443.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.netscreen.com/support/alerts/11_06_02.html"
},
{
"name": "4376",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4376"
},
{
"name": "20021101 Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0053.html"
},
{
"name": "VU#930161",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/930161"
},
{
"name": "20021101 (Correction) Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0446.html"
},
{
"name": "20021101 (Correction) Netscreen SSH1 CRC32 Compensation Denial of service",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0054.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscreen-ssh-dos(10528)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10528.php"
},
{
"name": "20021101 Netscreen SSH1 CRC32 Compensation Denial of service",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0443.html"
},
{
"name": "http://www.netscreen.com/support/alerts/11_06_02.html",
"refsource": "CONFIRM",
"url": "http://www.netscreen.com/support/alerts/11_06_02.html"
},
{
"name": "4376",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4376"
},
{
"name": "20021101 Netscreen SSH1 CRC32 Compensation Denial of service",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0053.html"
},
{
"name": "VU#930161",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/930161"
},
{
"name": "20021101 (Correction) Netscreen SSH1 CRC32 Compensation Denial of service",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0446.html"
},
{
"name": "20021101 (Correction) Netscreen SSH1 CRC32 Compensation Denial of service",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0054.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1547",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-03-04T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2640
Vulnerability from cvelistv5
Published
2005-08-20 04:00
Modified
2024-08-07 22:45
Severity ?
EPSS score ?
Summary
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/14595 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=112438068426034&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm | x_refsource_MISC | |
| http://securitytracker.com/id?1014728 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/16474/ | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:45:01.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14595",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14595"
},
{
"name": "20050818 Juniper Netscreen VPN Username Enumeration Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112438068426034\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm"
},
{
"name": "1014728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014728"
},
{
"name": "16474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/16474/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14595",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14595"
},
{
"name": "20050818 Juniper Netscreen VPN Username Enumeration Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112438068426034\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm"
},
{
"name": "1014728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014728"
},
{
"name": "16474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/16474/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14595",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14595"
},
{
"name": "20050818 Juniper Netscreen VPN Username Enumeration Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112438068426034\u0026w=2"
},
{
"name": "http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm"
},
{
"name": "1014728",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014728"
},
{
"name": "16474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16474/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2640",
"datePublished": "2005-08-20T04:00:00",
"dateReserved": "2005-08-20T00:00:00",
"dateUpdated": "2024-08-07T22:45:01.317Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-0059
Vulnerability from cvelistv5
Published
2018-10-10 18:00
Modified
2024-09-16 18:24
Severity ?
EPSS score ?
Summary
A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions prior to 6.3.0r26.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kb.juniper.net/JSA10894 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Juniper Networks | ScreenOS |
Version: 6.3.0 < 6.3.0r26 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.065Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA10894"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ScreenOS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "6.3.0r26",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marcel Bilal from IT-Dienstleistungszentrum Berlin"
}
],
"datePublic": "2018-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions prior to 6.3.0r26."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T17:57:01",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA10894"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: ScreenOS 6.3.0r26 and all subsequent releases.\n\nReview and clear any previously stored cross-site scripting entries."
}
],
"source": {
"advisory": "JSA10894",
"defect": [
"1323345"
],
"discovery": "EXTERNAL"
},
"title": "ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability",
"workarounds": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators.\n\nIn addition to the recommendations listed above, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device only from trusted, administrative networks or hosts."
},
{
"lang": "en",
"value": "Disable the web administrative interface if it is not necessary."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2018-10-10T16:00:00.000Z",
"ID": "CVE-2018-0059",
"STATE": "PUBLIC",
"TITLE": "ScreenOS: Stored Cross-Site Scripting (XSS) vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ScreenOS",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "6.3.0",
"version_value": "6.3.0r26"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Marcel Bilal from IT-Dienstleistungszentrum Berlin"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions prior to 6.3.0r26."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10894",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10894"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: ScreenOS 6.3.0r26 and all subsequent releases.\n\nReview and clear any previously stored cross-site scripting entries."
}
],
"source": {
"advisory": "JSA10894",
"defect": [
"1323345"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Use access lists or firewall filters to limit access to the device only from trusted hosts and administrators.\n\nIn addition to the recommendations listed above, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device only from trusted, administrative networks or hosts."
},
{
"lang": "en",
"value": "Disable the web administrative interface if it is not necessary."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2018-0059",
"datePublished": "2018-10-10T18:00:00Z",
"dateReserved": "2017-11-16T00:00:00",
"dateUpdated": "2024-09-16T18:24:49.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0891
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 03:03
Severity ?
EPSS score ?
Summary
The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.iss.net/security_center/static/9186.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/4842 | vdb-entry, x_refsource_BID | |
| http://online.securityfocus.com/archive/1/274240 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.netscreen.com/support/ns25_reboot.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscreen-screenos-username-dos(9186)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9186.php"
},
{
"name": "4842",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4842"
},
{
"name": "20020527 Netscreen 25 unauthorised reboot issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/274240"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.netscreen.com/support/ns25_reboot.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscreen-screenos-username-dos(9186)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9186.php"
},
{
"name": "4842",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4842"
},
{
"name": "20020527 Netscreen 25 unauthorised reboot issue",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/274240"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.netscreen.com/support/ns25_reboot.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscreen-screenos-username-dos(9186)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9186.php"
},
{
"name": "4842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4842"
},
{
"name": "20020527 Netscreen 25 unauthorised reboot issue",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/274240"
},
{
"name": "http://www.netscreen.com/support/ns25_reboot.html",
"refsource": "CONFIRM",
"url": "http://www.netscreen.com/support/ns25_reboot.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0891",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-08-16T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-2150
Vulnerability from cvelistv5
Published
2005-11-16 21:17
Modified
2024-09-16 17:23
Severity ?
EPSS score ?
Summary
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/6023 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/539363 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.iss.net/security_center/static/10449.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6023"
},
{
"name": "VU#539363",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/539363"
},
{
"name": "firewall-state-table-dos(10449)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10449.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-16T21:17:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6023"
},
{
"name": "VU#539363",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/539363"
},
{
"name": "firewall-state-table-dos(10449)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10449.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2150",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6023"
},
{
"name": "VU#539363",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/539363"
},
{
"name": "firewall-state-table-dos(10449)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10449.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2150",
"datePublished": "2005-11-16T21:17:00Z",
"dateReserved": "2005-11-16T00:00:00Z",
"dateUpdated": "2024-09-16T17:23:11.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1446
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Severity ?
EPSS score ?
Summary
Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/749870 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/10854 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16876 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/12208/ | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:24.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#749870",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/749870"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt"
},
{
"name": "10854",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10854"
},
{
"name": "netscreen-screenos-sshv1-dos(16876)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16876"
},
{
"name": "12208",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12208/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#749870",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/749870"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt"
},
{
"name": "10854",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10854"
},
{
"name": "netscreen-screenos-sshv1-dos(16876)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16876"
},
{
"name": "12208",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12208/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#749870",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/749870"
},
{
"name": "http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt",
"refsource": "CONFIRM",
"url": "http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt"
},
{
"name": "10854",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10854"
},
{
"name": "netscreen-screenos-sshv1-dos(16876)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16876"
},
{
"name": "12208",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12208/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1446",
"datePublished": "2005-02-13T05:00:00",
"dateReserved": "2005-02-13T00:00:00",
"dateUpdated": "2024-08-08T00:53:24.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6096
Vulnerability from cvelistv5
Published
2009-02-09 17:00
Modified
2024-08-07 11:20
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31528 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2008/2713 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/32078 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.layereddefense.com/netscreen01oct.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31528",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31528"
},
{
"name": "ADV-2008-2713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2713"
},
{
"name": "32078",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32078"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.layereddefense.com/netscreen01oct.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31528",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31528"
},
{
"name": "ADV-2008-2713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2713"
},
{
"name": "32078",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32078"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.layereddefense.com/netscreen01oct.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31528"
},
{
"name": "ADV-2008-2713",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2713"
},
{
"name": "32078",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32078"
},
{
"name": "http://www.layereddefense.com/netscreen01oct.html",
"refsource": "MISC",
"url": "http://www.layereddefense.com/netscreen01oct.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6096",
"datePublished": "2009-02-09T17:00:00",
"dateReserved": "2009-02-09T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0234
Vulnerability from cvelistv5
Published
2002-05-03 04:00
Modified
2024-08-08 02:42
Severity ?
EPSS score ?
Summary
NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=101258887105690&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=101258281818524&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://online.securityfocus.com/archive/1/254268 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/8057.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/4015 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020201 RE: NetScreen ScreenOS 2.6 Subject to Trust Interface DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101258887105690\u0026w=2"
},
{
"name": "20020201 NetScreen ScreenOS 2.6 Subject to Trust Interface DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101258281818524\u0026w=2"
},
{
"name": "20020205 NetScreen Response to ScreenOS Port Scan DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/254268"
},
{
"name": "netscreen-screenos-scan-dos(8057)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8057.php"
},
{
"name": "4015",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020201 RE: NetScreen ScreenOS 2.6 Subject to Trust Interface DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101258887105690\u0026w=2"
},
{
"name": "20020201 NetScreen ScreenOS 2.6 Subject to Trust Interface DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101258281818524\u0026w=2"
},
{
"name": "20020205 NetScreen Response to ScreenOS Port Scan DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/254268"
},
{
"name": "netscreen-screenos-scan-dos(8057)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8057.php"
},
{
"name": "4015",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020201 RE: NetScreen ScreenOS 2.6 Subject to Trust Interface DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101258887105690\u0026w=2"
},
{
"name": "20020201 NetScreen ScreenOS 2.6 Subject to Trust Interface DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101258281818524\u0026w=2"
},
{
"name": "20020205 NetScreen Response to ScreenOS Port Scan DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/254268"
},
{
"name": "netscreen-screenos-scan-dos(8057)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8057.php"
},
{
"name": "4015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0234",
"datePublished": "2002-05-03T04:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T02:42:28.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | netscreen_screenos | 2.5 | |
| juniper | netscreen_screenos | 2.5r1 | |
| juniper | netscreen_screenos | 2.5r2 | |
| juniper | netscreen_screenos | 2.5r6 | |
| juniper | netscreen_screenos | 2.6.1 | |
| juniper | netscreen_screenos | 2.6.1r1 | |
| juniper | netscreen_screenos | 2.6.1r2 | |
| juniper | netscreen_screenos | 2.6.1r3 | |
| juniper | netscreen_screenos | 2.6.1r4 | |
| juniper | netscreen_screenos | 2.6.1r5 | |
| juniper | netscreen_screenos | 2.7.1 | |
| juniper | netscreen_screenos | 2.7.1r1 | |
| juniper | netscreen_screenos | 2.7.1r2 | |
| juniper | netscreen_screenos | 2.7.1r3 | |
| juniper | netscreen_screenos | 2.8_r1 | |
| juniper | netscreen_screenos | 2.10_r3 | |
| juniper | netscreen_screenos | 2.10_r4 | |
| juniper | netscreen_screenos | 3.0.0 | |
| juniper | netscreen_screenos | 3.0.0r1 | |
| juniper | netscreen_screenos | 3.0.0r2 | |
| juniper | netscreen_screenos | 3.0.0r3 | |
| juniper | netscreen_screenos | 3.0.0r4 | |
| juniper | netscreen_screenos | 3.0.1r1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4D38841C-DF2D-41D8-BD15-EBBB9E9D83E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r1:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDBDBE1-E16B-4F03-9072-8B28E9467FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E099835-7C70-44F1-9E2B-07AF5B3C0577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r6:*:*:*:*:*:*:*",
"matchCriteriaId": "D10CDE09-1896-4E99-B2A0-93F89164225A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F43896A-2EF6-4069-8B81-815E4C232C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7DFAB9-4D4D-4179-9DC4-F654D6E2DAB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "26EC0CE2-5A5C-44ED-A423-CC20B7FFE22F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BD48EE-C23B-412C-895D-F58CD81FC673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A6CA51-F121-44F7-80D1-CF38261D299C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5064E9A-677E-418E-91A7-2DB686B662DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE7F646-B716-47D7-84E8-CA875A85C983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA96638D-AD5F-4EFD-983B-181DCCF3EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E30F9B6-24EB-44FB-9E73-5DD480A48CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1648D07-823B-4BF9-87EC-DB34797B5B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.8_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B8346-B753-443F-BB24-74FF6C55340B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DE8E73-0F1B-42E4-9BD6-7F5066D7330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r4:*:*:*:*:*:*:*",
"matchCriteriaId": "057B0387-44C0-45BE-9D91-D5A01C9D8020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28EB52A7-E8EC-46AA-A3F5-81BFA01666D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "A25881AB-69D0-46E5-A502-C65933A457B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "B14314AE-812D-4654-B6CE-43917A1F0542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7E636-40E0-45CC-A39E-C8BDF9CFBE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "463EC9BA-B241-45D6-AB89-53EB8156E40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "D53868A9-67B6-40AD-B4F0-6911F1D2FC6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name."
},
{
"lang": "es",
"value": "El Interfaz web (WebUI) de NetScreen ScreenOS desde la 2.6.1r8 a la anterior a la 3.1.0r1 permite a atacantes remotos causar la Denegaci\u00f3n de Servicios (por caida), mediante un nombre largo de usuario."
}
],
"id": "CVE-2002-0891",
"lastModified": "2024-11-20T23:40:07.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/274240"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9186.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.netscreen.com/support/ns25_reboot.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/274240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/9186.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.netscreen.com/support/ns25_reboot.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4842"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.iss.net/security_center/static/10449.php | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/539363 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/6023 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10449.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/539363 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6023 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | netscreen_screenos | 2.7.1 | |
| juniper | netscreen_screenos | 2.7.1r1 | |
| juniper | netscreen_screenos | 2.7.1r2 | |
| juniper | netscreen_screenos | 2.7.1r3 | |
| juniper | netscreen_screenos | 2.10_r3 | |
| juniper | netscreen_screenos | 2.10_r4 | |
| juniper | netscreen_screenos | 3.0.1r1 | |
| juniper | netscreen_screenos | 3.0.1r2 | |
| juniper | netscreen_screenos | 3.0.3_r1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE7F646-B716-47D7-84E8-CA875A85C983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA96638D-AD5F-4EFD-983B-181DCCF3EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E30F9B6-24EB-44FB-9E73-5DD480A48CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1648D07-823B-4BF9-87EC-DB34797B5B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DE8E73-0F1B-42E4-9BD6-7F5066D7330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r4:*:*:*:*:*:*:*",
"matchCriteriaId": "057B0387-44C0-45BE-9D91-D5A01C9D8020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "D53868A9-67B6-40AD-B4F0-6911F1D2FC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA52D22-A0D6-413A-9F49-0452356D2BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3_r1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05578911-51E3-447B-98B6-083D3F35E8F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections."
}
],
"id": "CVE-2002-2150",
"lastModified": "2024-11-20T23:42:59.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10449.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/539363"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10449.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/539363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6023"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-05-29 04:00
Modified
2024-11-20 23:38
Severity ?
Summary
NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | netscreen_screenos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "357A2EA6-A0F0-4968-AA45-E45A3D109358",
"versionEndIncluding": "2.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections."
},
{
"lang": "es",
"value": "NetScreen ScreenOS anteriores a 2.6.1 no soporta el establecimiento de un n\u00famero m\u00e1ximo de sesiones concurrentes para un sistema, lo que permite a un atacante en la red de confianza causar una denegaci\u00f3n de servicio (agotamiento de recursos) mediante un escaneo de puertos a una red externa, lo que consume todas las conexiones disponibles."
}
],
"id": "CVE-2002-0234",
"lastModified": "2024-11-20T23:38:37.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-05-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101258281818524\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101258887105690\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/254268"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8057.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101258281818524\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101258887105690\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/254268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8057.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4015"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "24BB54A7-24D0-409E-8924-D212543E4AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.64:*:*:*:*:*:*:*",
"matchCriteriaId": "74187E80-0EDA-4FE7-A113-FCB723AF08B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.66:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6691BE-2591-495A-BB72-2DA9956944A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.66_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB79FD3-29CB-4694-9A67-C6AF2EADA89D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.73_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "92455F85-9BFA-4684-9A6D-0E52AFA7161B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.73_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "1173EA59-AEAE-49E6-B6DD-775B28C678D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.0.1_r8:*:*:*:*:*:*:*",
"matchCriteriaId": "6711CD61-E16E-41B8-8948-592171D73B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD0131A-D07C-4B23-8CEC-E7CF659DB55E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.1_r6:*:*:*:*:*:*:*",
"matchCriteriaId": "2837DDC0-9F2C-4782-AA1E-5315AB12528F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.1_r7:*:*:*:*:*:*:*",
"matchCriteriaId": "07B065C9-93C6-43EB-ADD1-532FC6FBEA87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4D38841C-DF2D-41D8-BD15-EBBB9E9D83E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r1:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDBDBE1-E16B-4F03-9072-8B28E9467FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E099835-7C70-44F1-9E2B-07AF5B3C0577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r6:*:*:*:*:*:*:*",
"matchCriteriaId": "D10CDE09-1896-4E99-B2A0-93F89164225A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3159CA4-0944-4419-9B60-E93269710377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F43896A-2EF6-4069-8B81-815E4C232C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7DFAB9-4D4D-4179-9DC4-F654D6E2DAB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "26EC0CE2-5A5C-44ED-A423-CC20B7FFE22F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BD48EE-C23B-412C-895D-F58CD81FC673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A6CA51-F121-44F7-80D1-CF38261D299C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5064E9A-677E-418E-91A7-2DB686B662DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "DB00325B-29C6-41DA-9274-C9B4C54BC53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF67517-638C-4D57-8402-F336A74C4BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r8:*:*:*:*:*:*:*",
"matchCriteriaId": "07AC301B-0487-4FDB-B1F8-B225099B96FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r9:*:*:*:*:*:*:*",
"matchCriteriaId": "A7CE0BC3-6B59-4EAB-A2BD-CF73B3BD415F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r10:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B65997-2AB7-42D1-A1D9-E999A33366CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3F1262-141B-48E0-8EAC-97B043EBD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r12:*:*:*:*:*:*:*",
"matchCriteriaId": "214DA9E7-E8E5-4579-86E8-A5A8BC887860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE7F646-B716-47D7-84E8-CA875A85C983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA96638D-AD5F-4EFD-983B-181DCCF3EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E30F9B6-24EB-44FB-9E73-5DD480A48CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1648D07-823B-4BF9-87EC-DB34797B5B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D06FC50-39AE-4988-8C96-38A991CD7F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.8_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B8346-B753-443F-BB24-74FF6C55340B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DE8E73-0F1B-42E4-9BD6-7F5066D7330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r4:*:*:*:*:*:*:*",
"matchCriteriaId": "057B0387-44C0-45BE-9D91-D5A01C9D8020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28EB52A7-E8EC-46AA-A3F5-81BFA01666D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "A25881AB-69D0-46E5-A502-C65933A457B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "B14314AE-812D-4654-B6CE-43917A1F0542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7E636-40E0-45CC-A39E-C8BDF9CFBE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "463EC9BA-B241-45D6-AB89-53EB8156E40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "179C18B1-3731-4DBC-A942-D810671401BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "D53868A9-67B6-40AD-B4F0-6911F1D2FC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA52D22-A0D6-413A-9F49-0452356D2BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "02BF2DCD-4F61-4FA2-B82B-FB9DEB33054F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C844B2C-26BB-460D-A36E-B74F45169F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "93F618F5-E695-41BA-BFDB-E63A9A422F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "31811D82-B28F-49CD-8C86-A4DE7CD95F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "56D1957D-9F30-4D66-BA14-8015E260C076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FCB548-2488-4EBC-AA21-4A57F5F87E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C0FC0-AB52-498B-84AE-DF2C380B079D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3_r1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05578911-51E3-447B-98B6-083D3F35E8F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D71F4A5-7380-4E0E-9B81-7CCBECA3EFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r2:*:*:*:*:*:*:*",
"matchCriteriaId": "981D2274-9686-4F6F-83B1-F4D0DA909983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5CD9C77-891A-4E0D-9D5D-214466699044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r4:*:*:*:*:*:*:*",
"matchCriteriaId": "F27C7E28-915C-4ECC-A9BC-779F70905614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r5:*:*:*:*:*:*:*",
"matchCriteriaId": "47206DFC-7840-4CB8-8ED4-2212C287B4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r6:*:*:*:*:*:*:*",
"matchCriteriaId": "A46904E1-F2E5-45BA-8945-4FB3EF34D299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r7:*:*:*:*:*:*:*",
"matchCriteriaId": "45551432-C02B-426D-89DC-16573A7C8CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCFE4A9-9018-4F21-8BB4-D12AD0C33690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFC9DEB-00D5-4FC9-A608-1F7364FF21F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBA6417-9C4C-41D9-91C7-96C255EB2298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C65E89-186B-4D14-8A40-58B780731DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "26637853-7036-434E-A9AC-AAC88D84D826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A890FC9-CF8B-413A-A580-2F59A42D1744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "F555CCA2-95D0-4D11-A182-5A00A03403D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B50AC2-39DE-4446-A9ED-0627C4A9DC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "F01ED64F-5617-412D-807D-7FAF0E45172F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "50B215E3-FDB1-43C6-9A7E-A98F381CB311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "058331CE-8DCF-4B8D-83F5-F23D935D9931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3D6B3-7BB7-40AC-8FB3-F8362DA36047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2E0233-3161-4B45-9EB2-D46BE76E1520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r12:*:*:*:*:*:*:*",
"matchCriteriaId": "12B61290-20EC-4D3C-A7BF-85545F5BA5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.1_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "A85A76EC-8F86-47A6-A85A-8B4216C99142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26958BB3-1484-42EC-AC3A-33A748B377F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0:*:dial:*:*:*:*:*",
"matchCriteriaId": "6AB0B6EE-BEDE-46AD-859E-9601297B0217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E29D5B-872A-4CD5-9A44-EBFA5A7C7554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3851B7-72BC-4DDF-A718-69068128CA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "19A6D877-DF7D-4E9B-8855-2ACF97C5FC29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "54FBDD05-CAA6-4034-8C2D-94E965BE2132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD1CFF3-3211-43E2-858C-37142EE54490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC0306C-FDDD-4B5F-B371-17CA2231C63A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "63E607F4-E348-4385-9C2C-558BB0402585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA445F-428A-4EDB-A18A-5E626D0E04BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8885D9-20A0-443D-9650-912F360C9B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD70CC4-334A-4734-97DE-C31A6C2014AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "AC456F90-05EB-4C88-9650-ED71A35A80C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r12:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEA92AE-A047-4A20-A209-B9CAC646BFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78FF0914-F907-41F4-9F2D-6ECD601C73C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "48518416-3F00-4174-A0EF-57E5A614F8A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCD6F2D-642E-407E-A16D-73B97F709431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "438438F8-C7C3-427A-B7AA-1E7F8DA5C014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "ED08E19A-67ED-47F9-B40F-B8CFF496AF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9021FD-198B-4D7D-BAF3-D83EC3D64EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "01E861C0-AF82-4F7C-A515-005083D7D699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "38B7AEE2-BAA4-4FDA-A627-F5A7370D2C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r8:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCB5149-8C43-42A2-A9B2-541802FBE5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r9:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3A3552-2D77-494E-902E-9529AA2074D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r10:*:*:*:*:*:*:*",
"matchCriteriaId": "BD90D085-60F7-4B3F-8C82-B9F362EFFB89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "627A41F5-BE3C-41AD-B455-0D73BE5CA010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7D41144E-9F64-4919-87DA-09092AA2030A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r1:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BBA70-D185-4A84-8D66-2D3ACE336C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F6E761-1941-4B9F-98DC-1EED40B851A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3720A8-B042-4366-A4F2-2262CDD0CAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r4:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEC6EE-F483-4156-91DB-E939B45D09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4B1021-40CB-4A11-9650-F1BDBD6943D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet."
}
],
"id": "CVE-2004-1446",
"lastModified": "2024-11-20T23:50:54.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/12208/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/749870"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10854"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/12208/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.juniper.net/support/security/alerts/screenos-sshv1-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/749870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16876"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-02-09 17:30
Modified
2024-11-21 00:55
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:netscreen_screenos:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21C730C8-D55E-4DEF-9130-1B3167AFEE7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22455E6B-6FA9-47F6-89FD-797701570AF3",
"versionEndIncluding": "5.4.0r9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E580BC35-89F2-4083-A6D9-F90FAB3C7685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F88A8C0-68F8-42E5-9BCE-DEE19D24A654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3159CA4-0944-4419-9B60-E93269710377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F43896A-2EF6-4069-8B81-815E4C232C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7DFAB9-4D4D-4179-9DC4-F654D6E2DAB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "26EC0CE2-5A5C-44ED-A423-CC20B7FFE22F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BD48EE-C23B-412C-895D-F58CD81FC673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A6CA51-F121-44F7-80D1-CF38261D299C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5064E9A-677E-418E-91A7-2DB686B662DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "DB00325B-29C6-41DA-9274-C9B4C54BC53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF67517-638C-4D57-8402-F336A74C4BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r8:*:*:*:*:*:*:*",
"matchCriteriaId": "07AC301B-0487-4FDB-B1F8-B225099B96FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r9:*:*:*:*:*:*:*",
"matchCriteriaId": "A7CE0BC3-6B59-4EAB-A2BD-CF73B3BD415F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r10:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B65997-2AB7-42D1-A1D9-E999A33366CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3F1262-141B-48E0-8EAC-97B043EBD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r12:*:*:*:*:*:*:*",
"matchCriteriaId": "214DA9E7-E8E5-4579-86E8-A5A8BC887860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8758A9CA-2F2D-4557-A088-36930CF3B850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE7F646-B716-47D7-84E8-CA875A85C983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA96638D-AD5F-4EFD-983B-181DCCF3EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E30F9B6-24EB-44FB-9E73-5DD480A48CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1648D07-823B-4BF9-87EC-DB34797B5B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28EB52A7-E8EC-46AA-A3F5-81BFA01666D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "A25881AB-69D0-46E5-A502-C65933A457B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "B14314AE-812D-4654-B6CE-43917A1F0542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7E636-40E0-45CC-A39E-C8BDF9CFBE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "463EC9BA-B241-45D6-AB89-53EB8156E40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "179C18B1-3731-4DBC-A942-D810671401BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "D53868A9-67B6-40AD-B4F0-6911F1D2FC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA52D22-A0D6-413A-9F49-0452356D2BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "02BF2DCD-4F61-4FA2-B82B-FB9DEB33054F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C844B2C-26BB-460D-A36E-B74F45169F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "93F618F5-E695-41BA-BFDB-E63A9A422F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "31811D82-B28F-49CD-8C86-A4DE7CD95F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "56D1957D-9F30-4D66-BA14-8015E260C076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FCB548-2488-4EBC-AA21-4A57F5F87E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C0FC0-AB52-498B-84AE-DF2C380B079D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D71F4A5-7380-4E0E-9B81-7CCBECA3EFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D99A8DF-C4E2-4415-84F9-27F0E510F53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r2:*:*:*:*:*:*:*",
"matchCriteriaId": "981D2274-9686-4F6F-83B1-F4D0DA909983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5CD9C77-891A-4E0D-9D5D-214466699044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r4:*:*:*:*:*:*:*",
"matchCriteriaId": "F27C7E28-915C-4ECC-A9BC-779F70905614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r5:*:*:*:*:*:*:*",
"matchCriteriaId": "47206DFC-7840-4CB8-8ED4-2212C287B4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r6:*:*:*:*:*:*:*",
"matchCriteriaId": "A46904E1-F2E5-45BA-8945-4FB3EF34D299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r7:*:*:*:*:*:*:*",
"matchCriteriaId": "45551432-C02B-426D-89DC-16573A7C8CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCFE4A9-9018-4F21-8BB4-D12AD0C33690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFC9DEB-00D5-4FC9-A608-1F7364FF21F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBA6417-9C4C-41D9-91C7-96C255EB2298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C65E89-186B-4D14-8A40-58B780731DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "26637853-7036-434E-A9AC-AAC88D84D826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A890FC9-CF8B-413A-A580-2F59A42D1744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "F555CCA2-95D0-4D11-A182-5A00A03403D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B50AC2-39DE-4446-A9ED-0627C4A9DC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "F01ED64F-5617-412D-807D-7FAF0E45172F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "50B215E3-FDB1-43C6-9A7E-A98F381CB311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "058331CE-8DCF-4B8D-83F5-F23D935D9931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3D6B3-7BB7-40AC-8FB3-F8362DA36047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2E0233-3161-4B45-9EB2-D46BE76E1520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r12:*:*:*:*:*:*:*",
"matchCriteriaId": "12B61290-20EC-4D3C-A7BF-85545F5BA5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26958BB3-1484-42EC-AC3A-33A748B377F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0:*:dial:*:*:*:*:*",
"matchCriteriaId": "6AB0B6EE-BEDE-46AD-859E-9601297B0217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0:*:dial2:*:*:*:*:*",
"matchCriteriaId": "6824A137-79B1-4473-A333-90BA7AF25EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E29D5B-872A-4CD5-9A44-EBFA5A7C7554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3851B7-72BC-4DDF-A718-69068128CA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "19A6D877-DF7D-4E9B-8855-2ACF97C5FC29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "54FBDD05-CAA6-4034-8C2D-94E965BE2132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD1CFF3-3211-43E2-858C-37142EE54490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC0306C-FDDD-4B5F-B371-17CA2231C63A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "63E607F4-E348-4385-9C2C-558BB0402585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA445F-428A-4EDB-A18A-5E626D0E04BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8885D9-20A0-443D-9650-912F360C9B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD70CC4-334A-4734-97DE-C31A6C2014AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "AC456F90-05EB-4C88-9650-ED71A35A80C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r12:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEA92AE-A047-4A20-A209-B9CAC646BFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78FF0914-F907-41F4-9F2D-6ECD601C73C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "48518416-3F00-4174-A0EF-57E5A614F8A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCD6F2D-642E-407E-A16D-73B97F709431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "438438F8-C7C3-427A-B7AA-1E7F8DA5C014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "ED08E19A-67ED-47F9-B40F-B8CFF496AF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9021FD-198B-4D7D-BAF3-D83EC3D64EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "01E861C0-AF82-4F7C-A515-005083D7D699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "38B7AEE2-BAA4-4FDA-A627-F5A7370D2C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r8:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCB5149-8C43-42A2-A9B2-541802FBE5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r9:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3A3552-2D77-494E-902E-9529AA2074D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r10:*:*:*:*:*:*:*",
"matchCriteriaId": "BD90D085-60F7-4B3F-8C82-B9F362EFFB89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "627A41F5-BE3C-41AD-B455-0D73BE5CA010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7D41144E-9F64-4919-87DA-09092AA2030A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r1:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BBA70-D185-4A84-8D66-2D3ACE336C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F6E761-1941-4B9F-98DC-1EED40B851A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3720A8-B042-4366-A4F2-2262CDD0CAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r4:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEC6EE-F483-4156-91DB-E939B45D09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r5:*:*:*:*:*:*:*",
"matchCriteriaId": "EA33B84C-73DD-4074-985E-CF95A3F0468D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r6:*:*:*:*:*:*:*",
"matchCriteriaId": "4D29B7C5-643E-4339-B13A-9134DDE1AE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r7:*:*:*:*:*:*:*",
"matchCriteriaId": "FEF33673-F050-4D3F-8078-584D3B740529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r8:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7D82C7-866C-4279-8675-1F9138A4AB6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r9:*:*:*:*:*:*:*",
"matchCriteriaId": "02F22245-4C40-4500-9C17-778C1856BBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4B1021-40CB-4A11-9650-F1BDBD6943D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "11E6EF4D-86A1-4288-926E-8CF4FE02BDEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B522236-0FBC-4B03-8DA3-95130FD3B6E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "9F2E3C90-1F2F-4CCF-98CB-F8F568BAA65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "ECDA2644-4771-450E-8798-120C565EE803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "495D80E7-AA96-4DBC-A6D9-47004D3D9D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1729899-3CDC-4A04-BE91-863B5751B55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFF3E46-FAAF-4E06-B19F-12D0C9F17A3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "F0EC1E3B-89A5-4210-86F0-B2C9C3FEF934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "A389EA30-D4BC-407B-9961-4ABEDF6733BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "D16A0E5A-8CA3-42CC-AE45-E349FA4EC3C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "F22AE889-F918-45C7-B809-FDB314D54270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19172BCC-BFF0-4031-8AFE-B63422731B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.1.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6D61988-689E-44D3-8652-B434359068D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.1.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B87BFF-30AE-4E44-AAB8-319418580D7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.1.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B4F94EF-318A-41B6-A576-F97107A6419C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.1.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "11C66AB2-DE61-4B80-B438-53805EF62BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98471F46-A271-4B0A-89A9-12D544474393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.2.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5724A7-933D-47D8-B8F8-0CB62EECB7DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.2.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "33060767-0F2D-40A4-AA94-81006A57BBFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.2.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "AEFDF650-89C8-44DC-80E1-6D8F5CF5568F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29D5A3D5-15AF-4530-AF5D-1D310DCEC711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "226355D7-D2C5-4A76-B48C-EC125224BD6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA229FDB-B699-489E-9BE0-834BDEBD60D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "38C10C31-58EF-424A-8D19-2514C9B0BE8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "28AF5FAA-6A71-479F-9B43-4697C9F9D6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9D8881-13BD-4996-ABA7-9D2B5039536F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "26CC22C6-0529-4751-AA96-019D08EB4E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "85C53FA0-1908-4184-B96A-C90E78ADAE8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA85126-F442-4453-B1FA-67FA44310562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "95BC2FAA-960E-4338-A603-DD4E40346EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.3.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "9182E415-88C5-4E03-B909-C0F6474E377B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12496D16-A004-4CFB-AF81-B70AB0EE9053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "78D7F1E6-D876-4A12-A776-C4B35F0DCEB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "6D24D89F-A056-4246-854D-09AD8F68EF0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FAFB4F0-DDF6-4B1A-B3E9-A8D279A2208E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0B37B-EFB4-4E28-8506-8E5174A756F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7AAD75-2BA1-4FEA-BC3D-C722BF5B0BEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C21816-A179-4B02-A9C4-C2DDF4CC80C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "A948870F-8F42-4DDB-A5BA-2D8107C11E78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "88440D31-ECF0-490D-94E3-197DBDF482DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.4.0r8a:*:*:*:*:*:*:*",
"matchCriteriaId": "91539711-3E94-43D9-8ACE-9F201E68FA85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.0.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB4EFAC-52A9-4083-91AE-93CB2197C090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.1.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDEBDFC-169C-416E-8FFB-F0E142F1760B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Juniper NetScreen ScreenOS anteriores a v5.4r10, v6.0r6, y v6.1r2, permite a atacantes remotos inyectar secuencias de comandos web o HTML mediante el par\u00e1metro nombre de usuario en (1) p\u00e1gina de autenticaci\u00f3n del interfase web o (2) la p\u00e1gina de autenticaci\u00f3n telnet.\r\n"
}
],
"id": "CVE-2008-6096",
"lastModified": "2024-11-21T00:55:39.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-02-09T17:30:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32078"
},
{
"source": "cve@mitre.org",
"url": "http://www.layereddefense.com/netscreen01oct.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31528"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.layereddefense.com/netscreen01oct.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2713"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-22 04:00
Modified
2024-11-20 23:35
Severity ?
Summary
NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | netscreen_screenos | 1.64 | |
| juniper | netscreen_screenos | 1.66 | |
| juniper | netscreen_screenos | 2.1 | |
| juniper | netscreen_screenos | 2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.64:*:*:*:*:*:*:*",
"matchCriteriaId": "74187E80-0EDA-4FE7-A113-FCB723AF08B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.66:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6691BE-2591-495A-BB72-2DA9956944A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD0131A-D07C-4B23-8CEC-E7CF659DB55E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4D38841C-DF2D-41D8-BD15-EBBB9E9D83E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ \u0027denial\u0027 policy via specific traffic patterns."
}
],
"id": "CVE-2001-0589",
"lastModified": "2024-11-20T23:35:43.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0375.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1780"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2523"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0375.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6317"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-08-23 04:00
Modified
2024-11-21 00:00
Severity ?
Summary
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "24BB54A7-24D0-409E-8924-D212543E4AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.64:*:*:*:*:*:*:*",
"matchCriteriaId": "74187E80-0EDA-4FE7-A113-FCB723AF08B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.66:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6691BE-2591-495A-BB72-2DA9956944A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.66_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB79FD3-29CB-4694-9A67-C6AF2EADA89D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.73_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "92455F85-9BFA-4684-9A6D-0E52AFA7161B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:1.73_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "1173EA59-AEAE-49E6-B6DD-775B28C678D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.0.1_r8:*:*:*:*:*:*:*",
"matchCriteriaId": "6711CD61-E16E-41B8-8948-592171D73B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD0131A-D07C-4B23-8CEC-E7CF659DB55E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.1_r6:*:*:*:*:*:*:*",
"matchCriteriaId": "2837DDC0-9F2C-4782-AA1E-5315AB12528F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.1_r7:*:*:*:*:*:*:*",
"matchCriteriaId": "07B065C9-93C6-43EB-ADD1-532FC6FBEA87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4D38841C-DF2D-41D8-BD15-EBBB9E9D83E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r1:*:*:*:*:*:*:*",
"matchCriteriaId": "DDDBDBE1-E16B-4F03-9072-8B28E9467FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E099835-7C70-44F1-9E2B-07AF5B3C0577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.5r6:*:*:*:*:*:*:*",
"matchCriteriaId": "D10CDE09-1896-4E99-B2A0-93F89164225A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3159CA4-0944-4419-9B60-E93269710377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F43896A-2EF6-4069-8B81-815E4C232C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7DFAB9-4D4D-4179-9DC4-F654D6E2DAB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "26EC0CE2-5A5C-44ED-A423-CC20B7FFE22F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BD48EE-C23B-412C-895D-F58CD81FC673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A6CA51-F121-44F7-80D1-CF38261D299C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5064E9A-677E-418E-91A7-2DB686B662DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "DB00325B-29C6-41DA-9274-C9B4C54BC53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF67517-638C-4D57-8402-F336A74C4BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r8:*:*:*:*:*:*:*",
"matchCriteriaId": "07AC301B-0487-4FDB-B1F8-B225099B96FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r9:*:*:*:*:*:*:*",
"matchCriteriaId": "A7CE0BC3-6B59-4EAB-A2BD-CF73B3BD415F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r10:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B65997-2AB7-42D1-A1D9-E999A33366CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r11:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3F1262-141B-48E0-8EAC-97B043EBD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.6.1r12:*:*:*:*:*:*:*",
"matchCriteriaId": "214DA9E7-E8E5-4579-86E8-A5A8BC887860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CE7F646-B716-47D7-84E8-CA875A85C983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA96638D-AD5F-4EFD-983B-181DCCF3EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E30F9B6-24EB-44FB-9E73-5DD480A48CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.7.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "B1648D07-823B-4BF9-87EC-DB34797B5B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D06FC50-39AE-4988-8C96-38A991CD7F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.8_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "B33B8346-B753-443F-BB24-74FF6C55340B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DE8E73-0F1B-42E4-9BD6-7F5066D7330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:2.10_r4:*:*:*:*:*:*:*",
"matchCriteriaId": "057B0387-44C0-45BE-9D91-D5A01C9D8020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28EB52A7-E8EC-46AA-A3F5-81BFA01666D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "A25881AB-69D0-46E5-A502-C65933A457B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "B14314AE-812D-4654-B6CE-43917A1F0542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7E636-40E0-45CC-A39E-C8BDF9CFBE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "463EC9BA-B241-45D6-AB89-53EB8156E40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "179C18B1-3731-4DBC-A942-D810671401BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "D53868A9-67B6-40AD-B4F0-6911F1D2FC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA52D22-A0D6-413A-9F49-0452356D2BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "02BF2DCD-4F61-4FA2-B82B-FB9DEB33054F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "1C844B2C-26BB-460D-A36E-B74F45169F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "93F618F5-E695-41BA-BFDB-E63A9A422F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "31811D82-B28F-49CD-8C86-A4DE7CD95F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "56D1957D-9F30-4D66-BA14-8015E260C076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FCB548-2488-4EBC-AA21-4A57F5F87E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4C0FC0-AB52-498B-84AE-DF2C380B079D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3_r1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05578911-51E3-447B-98B6-083D3F35E8F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D71F4A5-7380-4E0E-9B81-7CCBECA3EFF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r2:*:*:*:*:*:*:*",
"matchCriteriaId": "981D2274-9686-4F6F-83B1-F4D0DA909983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5CD9C77-891A-4E0D-9D5D-214466699044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r4:*:*:*:*:*:*:*",
"matchCriteriaId": "F27C7E28-915C-4ECC-A9BC-779F70905614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r5:*:*:*:*:*:*:*",
"matchCriteriaId": "47206DFC-7840-4CB8-8ED4-2212C287B4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r6:*:*:*:*:*:*:*",
"matchCriteriaId": "A46904E1-F2E5-45BA-8945-4FB3EF34D299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r7:*:*:*:*:*:*:*",
"matchCriteriaId": "45551432-C02B-426D-89DC-16573A7C8CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.0.3r8:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCFE4A9-9018-4F21-8BB4-D12AD0C33690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFC9DEB-00D5-4FC9-A608-1F7364FF21F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBA6417-9C4C-41D9-91C7-96C255EB2298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C65E89-186B-4D14-8A40-58B780731DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "26637853-7036-434E-A9AC-AAC88D84D826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A890FC9-CF8B-413A-A580-2F59A42D1744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "F555CCA2-95D0-4D11-A182-5A00A03403D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B50AC2-39DE-4446-A9ED-0627C4A9DC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "F01ED64F-5617-412D-807D-7FAF0E45172F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "50B215E3-FDB1-43C6-9A7E-A98F381CB311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "058331CE-8DCF-4B8D-83F5-F23D935D9931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "98D3D6B3-7BB7-40AC-8FB3-F8362DA36047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2E0233-3161-4B45-9EB2-D46BE76E1520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.0r12:*:*:*:*:*:*:*",
"matchCriteriaId": "12B61290-20EC-4D3C-A7BF-85545F5BA5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:3.1.1_r2:*:*:*:*:*:*:*",
"matchCriteriaId": "A85A76EC-8F86-47A6-A85A-8B4216C99142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26958BB3-1484-42EC-AC3A-33A748B377F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0:*:dial:*:*:*:*:*",
"matchCriteriaId": "6AB0B6EE-BEDE-46AD-859E-9601297B0217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E29D5B-872A-4CD5-9A44-EBFA5A7C7554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3851B7-72BC-4DDF-A718-69068128CA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "19A6D877-DF7D-4E9B-8855-2ACF97C5FC29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "54FBDD05-CAA6-4034-8C2D-94E965BE2132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD1CFF3-3211-43E2-858C-37142EE54490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC0306C-FDDD-4B5F-B371-17CA2231C63A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "63E607F4-E348-4385-9C2C-558BB0402585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA445F-428A-4EDB-A18A-5E626D0E04BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8885D9-20A0-443D-9650-912F360C9B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "4FD70CC4-334A-4734-97DE-C31A6C2014AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "AC456F90-05EB-4C88-9650-ED71A35A80C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.0r12:*:*:*:*:*:*:*",
"matchCriteriaId": "FAEA92AE-A047-4A20-A209-B9CAC646BFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78FF0914-F907-41F4-9F2D-6ECD601C73C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r1:*:*:*:*:*:*:*",
"matchCriteriaId": "48518416-3F00-4174-A0EF-57E5A614F8A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r2:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCD6F2D-642E-407E-A16D-73B97F709431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r3:*:*:*:*:*:*:*",
"matchCriteriaId": "438438F8-C7C3-427A-B7AA-1E7F8DA5C014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r4:*:*:*:*:*:*:*",
"matchCriteriaId": "ED08E19A-67ED-47F9-B40F-B8CFF496AF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9021FD-198B-4D7D-BAF3-D83EC3D64EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r6:*:*:*:*:*:*:*",
"matchCriteriaId": "01E861C0-AF82-4F7C-A515-005083D7D699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r7:*:*:*:*:*:*:*",
"matchCriteriaId": "38B7AEE2-BAA4-4FDA-A627-F5A7370D2C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r8:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCB5149-8C43-42A2-A9B2-541802FBE5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r9:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3A3552-2D77-494E-902E-9529AA2074D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.1r10:*:*:*:*:*:*:*",
"matchCriteriaId": "BD90D085-60F7-4B3F-8C82-B9F362EFFB89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "627A41F5-BE3C-41AD-B455-0D73BE5CA010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7D41144E-9F64-4919-87DA-09092AA2030A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r1:*:*:*:*:*:*:*",
"matchCriteriaId": "F85BBA70-D185-4A84-8D66-2D3ACE336C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F6E761-1941-4B9F-98DC-1EED40B851A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r3:*:*:*:*:*:*:*",
"matchCriteriaId": "3A3720A8-B042-4366-A4F2-2262CDD0CAF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:4.0.3r4:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEC6EE-F483-4156-91DB-E939B45D09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4B1021-40CB-4A11-9650-F1BDBD6943D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "19172BCC-BFF0-4031-8AFE-B63422731B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.1.0r3a:*:*:*:*:*:*:*",
"matchCriteriaId": "3ACCBC8E-7C9E-4C3A-8A0F-BBF4E2F92AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "98471F46-A271-4B0A-89A9-12D544474393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-10:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDFE9E5-AA71-4D17-886A-E0B493B4B833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-100:3.0_.pe1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27E6687D-08CF-48AC-8112-555149E57B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-204:5.0.0_r6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04797E9E-60CB-40B3-BE23-6051C72A43D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-204:0110.0_11_4.0_r10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "871B28F0-C082-4AD1-A4DE-22B3DC00E6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-204:0110.0_11_5.1.0_r3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1AEABCBA-45BD-45B0-9343-68178FDCB493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-500:4110.0_11_4.0_r10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F057D3-1ECB-4804-8C83-9277EFD4C322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-500:4110.0_11_5.1.0_r3a:*:*:*:*:*:*:*",
"matchCriteriaId": "6D551820-CF22-4F80-A2A6-223D9CE63444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netscreen:ns-50ns25:5.0.0_r6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "877DF54F-752E-4FBC-8E00-7F5FD3AE63E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:netscreen-5gt:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A482DFA5-4108-4B0F-BD8E-04FEB52D3537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B97B63E-CE45-4DF9-9838-D9CE96CECE72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp:3.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5F6D51-15B0-449D-9418-8C4C7A1E1D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp:3.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "C696E607-0927-4087-A437-9C5459EB8BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_10:3.0.1_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "142A3E18-3E20-415E-A53C-01E1C8865300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_100:3.0.1_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "957172A3-6B8A-48E1-911F-28A6F055FB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_1000:3.0.1_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "95A9B902-09D4-4A29-9BA7-FD7898B24ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:juniper:netscreen-idp_500:3.0.1_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "214A7AFF-B36F-4ABC-8C7D-93B1493ADEB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netscreen:netscreen-sa_5000_series:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA34EB36-E5E9-43B6-ABB8-B292BC7B0CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netscreen:netscreen-sa_5020_series:4.2_r2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56B26742-2B48-4D2A-8AA3-9E86ED482424",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:netscreen:netscreen-sa_5050_series:4.2_r2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9103D8-B207-4622-AA6C-8D58EB36688E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid."
}
],
"id": "CVE-2005-2640",
"lastModified": "2024-11-21T00:00:02.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-23T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112438068426034\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16474/"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014728"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/14595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112438068426034\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/16474/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/14595"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-31 05:00
Modified
2024-11-20 23:41
Severity ?
Summary
Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | netscreen_screenos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A54FB8-ABC1-4A86-AD19-94BBB0BB4922",
"versionEndIncluding": "4.0.0r6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144."
}
],
"id": "CVE-2002-1547",
"lastModified": "2024-11-20T23:41:33.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0443.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0446.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0053.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10528.php"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/930161"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.netscreen.com/support/alerts/11_06_02.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0443.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0446.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10528.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/930161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.netscreen.com/support/alerts/11_06_02.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4376"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-10 18:29
Modified
2024-11-21 03:37
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions prior to 6.3.0r26.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA10894 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.juniper.net/JSA10894 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| juniper | netscreen_screenos | 6.3.0 | |
| juniper | netscreen_screenos | 6.3.0r1 | |
| juniper | netscreen_screenos | 6.3.0r2 | |
| juniper | netscreen_screenos | 6.3.0r3 | |
| juniper | netscreen_screenos | 6.3.0r4 | |
| juniper | netscreen_screenos | 6.3.0r5 | |
| juniper | netscreen_screenos | 6.3.0r6 | |
| juniper | netscreen_screenos | 6.3.0r7 | |
| juniper | netscreen_screenos | 6.3.0r8 | |
| juniper | netscreen_screenos | 6.3.0r9 | |
| juniper | netscreen_screenos | 6.3.0r10 | |
| juniper | netscreen_screenos | 6.3.0r11 | |
| juniper | netscreen_screenos | 6.3.0r12 | |
| juniper | netscreen_screenos | 6.3.0r13 | |
| juniper | netscreen_screenos | 6.3.0r14 | |
| juniper | netscreen_screenos | 6.3.0r15 | |
| juniper | netscreen_screenos | 6.3.0r16 | |
| juniper | netscreen_screenos | 6.3.0r17 | |
| juniper | netscreen_screenos | 6.3.0r18 | |
| juniper | netscreen_screenos | 6.3.0r19 | |
| juniper | netscreen_screenos | 6.3.0r21 | |
| juniper | netscreen_screenos | 6.3.0r22 | |
| juniper | netscreen_screenos | 6.3.0r23 | |
| juniper | netscreen_screenos | 6.3.0r23b1 | |
| juniper | netscreen_screenos | 6.3.0r24 | |
| juniper | netscreen_screenos | 6.3.0r24b1 | |
| juniper | netscreen_screenos | 6.3.0r25 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96401D48-27DC-430A-A4B4-948E17BA6E39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A09352-D6E7-4D28-B56B-482EA05CEE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r2:*:*:*:*:*:*:*",
"matchCriteriaId": "31866992-A433-492F-8917-C6EAE2DE93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC1E507-094A-4E58-860A-13A8358A7B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r4:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD02B72-9C50-4DF9-97A6-A54716E1FE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r5:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3DD43B-6F14-4AE5-8D68-605E6B5DE5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r6:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D1C538-CACD-45A5-B1C1-2335FDA12E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r7:*:*:*:*:*:*:*",
"matchCriteriaId": "6E699028-E9BC-403A-96CB-E16ED464D01B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r8:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD07648-C22A-4DBF-8B40-CB4A8C3C2102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r9:*:*:*:*:*:*:*",
"matchCriteriaId": "1004079D-342C-4EC0-974A-2DE56FC3F700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r10:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7D1CD7-5865-41E8-B559-5C6A75A9B62A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r11:*:*:*:*:*:*:*",
"matchCriteriaId": "2DED0811-87AD-4693-B81A-567904FB8D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r12:*:*:*:*:*:*:*",
"matchCriteriaId": "323B99B7-D519-4DA5-A1DE-7A2A226EEACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r13:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE094DA-E949-4338-ACB8-53070BA959C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r14:*:*:*:*:*:*:*",
"matchCriteriaId": "36F89341-6353-4884-912E-F6FD0A7751A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r15:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFD2BBD-BBE2-4F53-A0C8-0CBCF7D1B40F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r16:*:*:*:*:*:*:*",
"matchCriteriaId": "248A6131-813B-4A52-87FC-4F1C7012348C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r17:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2D7C68-EA5A-4FAA-AE55-A186B65B81BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r18:*:*:*:*:*:*:*",
"matchCriteriaId": "6EC7AA8A-9876-4B3D-BBFF-FDEEAAFADB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r19:*:*:*:*:*:*:*",
"matchCriteriaId": "18AB6421-675E-43AC-A8A9-3839C71BAD46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r21:*:*:*:*:*:*:*",
"matchCriteriaId": "93C4AD2D-BFB2-476A-917F-D149F280D02F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r22:*:*:*:*:*:*:*",
"matchCriteriaId": "05A72249-E0FC-4EFF-B81A-BB2A6120681A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r23:*:*:*:*:*:*:*",
"matchCriteriaId": "324C5CAF-199B-4EAE-A3FB-5C8AF90DDFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r23b1:*:*:*:*:*:*:*",
"matchCriteriaId": "18749046-BC0F-49F0-B89D-723725138D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r24:*:*:*:*:*:*:*",
"matchCriteriaId": "67704888-85CA-4C4C-94B5-7D0AA5F6DBC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r24b1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA3B77C-8213-4847-BA56-4A9BF921016F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:netscreen_screenos:6.3.0r25:*:*:*:*:*:*:*",
"matchCriteriaId": "25C306B0-F3EF-4A01-A5DA-6386FCE0E59F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions prior to 6.3.0r26."
},
{
"lang": "es",
"value": "Una vulnerabilidad Cross-Site Scripting (XSS) persistente en la interfaz gr\u00e1fica de usuario de ScreenOS podr\u00eda permitir que un usuario autenticado remoto inyecte scripts web o HTML y robe datos sensibles y credenciales de una sesi\u00f3n de administraci\u00f3n web, posiblemente enga\u00f1ando a un usuario administrativo Las versiones afectadas son Juniper Networks ScreenOS 6.3.0 en versiones anteriores a la 6.3.0r26."
}
],
"id": "CVE-2018-0059",
"lastModified": "2024-11-21T03:37:28.993",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "sirt@juniper.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-10T18:29:03.250",
"references": [
{
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.juniper.net/JSA10894"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}