Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #2989 (09/14/2017)

3 new signatures:

HIGHHTTP:APACHE:OFBIZ-ADMIN-ABHTTP: Apache OFBiz Admin Authentication Bypass
HIGHHTTP:HPE-OO-DESERIALIZATIONHTTP: HPE Operations Orchestration central-remoting Insecure Deserialization
CRITICALHTTP:HPE-INT-MGMT-CTR-ELIHTTP: HPE Intelligent Management Center userSelectPagingContent Expression Language Injection

1 updated signature:

MEDIUMHTTP:STC:ACTIVEX:XMLHTTPHTTP: Microsoft XML Core Service XMLHTTP ActiveX Control

1 renamed signature:

RADIUS:FREERADIUS-DATAVP-WIMAX-BO->RADIUS:FREERAD-DATAVP-WIMAX-BO


Details of the signatures included within this bulletin:

RADIUS:FREERAD-DATAVP-WIMAX-BO - RADIUS: FreeRADIUS data2vp_wimax Heap Buffer Overflow

Severity: HIGH

Description:

A heap-based buffer overflow vulnerability has been reported in FreeRADIUS. A remote attacker can exploit the vulnerability by sending a crafted RADIUS packet with a malformed WiMAX attribute with the continuation flag set. Successful exploitation could result in arbitrary code execution in the security context of the FreeRADIUS server.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-10984
  • bugtraq: 99876

HTTP:STC:ACTIVEX:XMLHTTP - HTTP: Microsoft XML Core Service XMLHTTP ActiveX Control

Severity: MEDIUM

Description:

This signature detects attempts to use unsafe ActiveX controls in Microsoft XML Core Service. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.1.110110719, DI-Worm, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, isg-3.4.139899, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, mx-11.4, isg-3.4.140032, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 39489
  • cve: CVE-2009-4596
  • cve: CVE-2010-0432
  • url: http://www.kb.cert.org/vuls/id/585137
  • cve: CVE-2006-5745
  • bugtraq: 20915

Affected Products:

  • Avaya S8100 Media Servers R6
  • HP Storage Management Appliance 2.1
  • Avaya S8100 Media Servers
  • Microsoft XML Core Services 4.0
  • Avaya S8100 Media Servers R10
  • Avaya S8100 Media Servers R12
  • Avaya S8100 Media Servers R11
  • Microsoft XML Core Services 6.0
  • Avaya Messaging Application Server
  • Avaya S8100 Media Servers R9
  • Avaya S8100 Media Servers R8
  • Avaya S8100 Media Servers R7

HTTP:APACHE:OFBIZ-ADMIN-AB - HTTP: Apache OFBiz Admin Authentication Bypass

Severity: HIGH

Description:

An authentication bypass vulnerability has been reported in Apache Ofbiz module. Successful exploitation can results in the creation of admin account

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2010-0432
  • bugtraq: 39489

Affected Products:

  • apache open_for_business_project up to 09.04

HTTP:HPE-OO-DESERIALIZATION - HTTP: HPE Operations Orchestration central-remoting Insecure Deserialization

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in HPE Operations Orchestration. Successful exploitation could result in arbitrary code execution in the context of the application.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-8994

HTTP:HPE-INT-MGMT-CTR-ELI - HTTP: HPE Intelligent Management Center userSelectPagingContent Expression Language Injection

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability in HPE Intelligent Management Center. Successful exploitation results in the execution of arbitrary code under the security context of the SYSTEM user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-12521
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out