Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3413 (08/26/2021)

3 new signatures:

HIGHHTTP:CTS:NAGIOS-WTCHGRD-CMD-INJHTTP: Nagios XI WatchGuard Wizard Watchguard.inc.php Command Injection
MEDIUMHTTP:STC:ADOBE:CVE-2021-28635HTTP: Adobe Acrobat Reader CVE-2021-28635 Use After Free
HIGHAPP:MISC:REALTEK-JUNGLE-SDK-CIAPP: Realtek Jungle SDK Command Injection

1 updated signature:

MEDIUMLDAP:OPENLDAP-SLAPD-SR-DOSLDAP: OpenLDAP slapd Denial of Service


Details of the signatures included within this bulletin:

LDAP:OPENLDAP-SLAPD-SR-DOS - LDAP: OpenLDAP slapd Denial of Service

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against OpenLDAP slapd. A successful attack can result in a denial-of-service condition.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • url: https://bugs.openldap.org/show_bug.cgi?id=9404
  • cve: CVE-2020-36221
  • url: https://bugs.openldap.org/show_bug.cgi?id=9427
  • cve: CVE-2020-36228

Affected Products:

  • Apple macos 11.1
  • Debian debian_linux 10.0
  • Debian debian_linux 9.0
  • Openldap openldap

HTTP:CTS:NAGIOS-WTCHGRD-CMD-INJ - HTTP: Nagios XI WatchGuard Wizard Watchguard.inc.php Command Injection

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Nagios XI WatchGuard Wizard. A successful attack can lead to command injection and arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2021-37344
  • url: https://www.nagios.com/downloads/nagios-xi/change-log/
  • cve: CVE-2021-37346

Affected Products:

  • Nagios nagios_xi_watchguard_wizard

HTTP:STC:ADOBE:CVE-2021-28635 - HTTP: Adobe Acrobat Reader CVE-2021-28635 Use After Free

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • cve: CVE-2021-28635

Affected Products:

  • Adobe acrobat_dc 15.008.20082-21.005.20054
  • Adobe acrobat_reader_dc 20.001.30005-20.004.30005
  • Adobe acrobat_dc 20.001.30005-20.004.30005
  • Adobe acrobat_reader_dc 17.011.30059-17.011.30197
  • Adobe acrobat_reader_dc 15.008.20082-21.005.20054
  • Adobe acrobat_dc 17.011.30059-17.011.30197

APP:MISC:REALTEK-JUNGLE-SDK-CI - APP: Realtek Jungle SDK Command Injection

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Realtek Jungle SDK. A successful attack can lead to command injection and arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain/
  • cve: CVE-2021-35394

Affected Products:

  • Realtek realtek_jungle_sdk 2.0-3.4.14b
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out