Juniper Networks

Update Details

Security Intelligence Center
Update #3434 (11/09/2021)

2 new signatures:

HIGH HTTP:STC:DL:CVE-2021-42292-RCE - HTTP: Microsoft Excel CVE-2021-42292 Security Feature Bypass
HIGH HTTP:STC:DL:CVE2021-42298-RCE - HTTP: Microsoft Defender CVE-2021-42298 Remote Code Execution

11 updated signatures:

HIGH APP:SAP:NETWEAVER-DIAGI-DOS - APP: SAP NetWeaver DiagiEventSource Denial of Service
HIGH RTSP:HELIX-RN5AUTH - RTSP: RealNetworks Helix Server rn5auth Credential Parsing Buffer Overflow
HIGH APP:SYMC:AMS-SEND-ALERT-ACK-OF - APP: Symantec Alert Management System AMSSendAlertAck Stack Buffer Overflow
HIGH HTTP:WEBLOGIC:INSEC-DSER-RCE - HTTP: Oracle WebLogic Server RemoteObject Insecure Deserialization
HIGH DB:POSTGRESQL:CHANGE-PASS-BO - DB: PostgreSQL Database Password Change Stack Buffer Overflow
HIGH APP:SAP:NETWEAVER-BO - APP: SAP NetWeaver Dispatcher Stack Buffer Overflow
HIGH APP:ORACLE:GOLDENGATE-BOF - APP: Oracle GoldenGate Manager Command Stack Buffer Overflow
MEDIUM DB:IBM-SOLIDBD-WHERE-DOS - DB: IBM solidDB Redundant WHERE Clause Denial Of Service
HIGH APP:SAP:NETWEAVER-DOS - APP: SAP NetWeaver DiagTraceHex Denial of Service
HIGH APP:MISC:QUAGGA-BGP-DOUBLE-FREE - APP: Quagga BGP Daemon bgp_update_receive Double Free
HIGH APP:HP-DATA-PRTCTR-MULTI-OP-OF - APP: HP Data Protector Express Opcode Parsing Stack Buffer Overflow


Details of the signatures included within this bulletin:


HTTP:STC:DL:CVE-2021-42292-RCE - HTTP: Microsoft Excel CVE-2021-42292 Security Feature Bypass

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Excel. A successful attack can lead to security bypass.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • cve: CVE-2021-42292

Affected Products:

  • Microsoft office 2016
  • Microsoft office_long_term_servicing_channel 2021
  • Microsoft 365_apps
  • Microsoft office 2019
  • Microsoft office 2013
  • Microsoft excel 2013

APP:SAP:NETWEAVER-DIAGI-DOS - APP: SAP NetWeaver DiagiEventSource Denial of Service

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against SAP NetWeaver DiagiEventSource service. A successful attack can result in a denial-of-service condition.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 53424
  • cve: CVE-2012-2514

Affected Products:

  • Sap netweaver 7.0 EHP1
  • Sap netweaver 7.0 EHP2

APP:SAP:NETWEAVER-DOS - APP: SAP NetWeaver DiagTraceHex Denial of Service

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against SAP NetWeaver DiagTraceHex service. A successful attack can result in a denial-of-service condition.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • bugtraq: 53424
  • cve: CVE-2012-2612

Affected Products:

  • Sap netweaver 7.0 EHP1
  • Sap netweaver 7.0 EHP2

APP:SYMC:AMS-SEND-ALERT-ACK-OF - APP: Symantec Alert Management System AMSSendAlertAck Stack Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in Symantec Intel Alert Management System. It is caused by code which copies a user supplied string into a stack buffer without proper bound checks. A remote unauthenticated attacker can exploit this by sending a specially crafted packet to the affected service. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the SYSTEM context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • bugtraq: 45936
  • cve: CVE-2010-0110

Affected Products:

  • Symantec antivirus_corporate_edition 10.1.6.6000
  • Symantec antivirus_corporate_edition 10.1.6.600
  • Symantec antivirus_corporate_edition 10.0.2 .2001
  • Symantec antivirus_corporate_edition 10.0.2.2002
  • Symantec antivirus_corporate_edition 10.1 MR8
  • Symantec antivirus_corporate_edition 10.1.0.396
  • Symantec antivirus_corporate_edition 10.1.0.400
  • Symantec antivirus_corporate_edition 10.1.0.401
  • Symantec antivirus_corporate_edition 10.0.2.2010
  • Symantec antivirus_corporate_edition 10.0.2.2011
  • Symantec antivirus_corporate_edition 10.0.2.2020
  • Symantec antivirus_corporate_edition 10.0.2.2021
  • Symantec antivirus_corporate_edition 10.0.0
  • Symantec antivirus_corporate_edition 10.0.1.1001 (MR1-PP1)
  • Symantec antivirus_corporate_edition 10.0.1.1003 (MR1-PP2)
  • Symantec antivirus_corporate_edition 10.0.1.1009 (MR1-PP9)
  • Symantec antivirus_corporate_edition 10.1.4.4000 (MR4)
  • Symantec antivirus_corporate_edition 10.1.5.5000 (MR5)
  • Symantec antivirus_corporate_edition 10.1.5.5001 (MR5-PP1)
  • Symantec antivirus_corporate_edition 10.1.5.5010 (MR5-MP1)
  • Symantec antivirus_corporate_edition 10.1.6.6010 (MR6-MP1)
  • Symantec antivirus_corporate_edition 10.1.7.7000 (MR7)
  • Symantec antivirus_corporate_edition 10.1.4
  • Symantec antivirus_corporate_edition 10.1.4.4010
  • Symantec antivirus_corporate_edition 10.1.4 MR4 MP1 - build 4010
  • Symantec antivirus_corporate_edition 10.1 MR6
  • Symantec antivirus_corporate_edition 10.1 MR6 MP1
  • Symantec antivirus_corporate_edition 10.1
  • Symantec antivirus 10
  • Symantec antivirus_corporate_edition 10.1 MR7
  • Symantec antivirus_corporate_edition 10.1.0.394
  • Symantec quarantine_server 3.5
  • Symantec quarantine_server 3.6
  • Symantec antivirus_corporate_edition 10.1 MR9
  • Symantec antivirus_corporate_edition 10.0.0.359
  • Symantec antivirus_corporate_edition 10.0.1.1000
  • Symantec antivirus_corporate_edition 10.0.1.1007
  • Symantec antivirus_corporate_edition 10.0.1.1008
  • Symantec antivirus_corporate_edition 10.1.8.8000
  • Symantec system_center

HTTP:WEBLOGIC:INSEC-DSER-RCE - HTTP: Oracle WebLogic Server RemoteObject Insecure Deserialization

Severity: HIGH

Description:

An insecure deserialization vulnerability has been reported in Oracle WebLogic Server. This vulnerability is due to deserialization of untrusted data contained within T3 requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted serialized object. Successful exploitation can result in arbitrary code execution in the context of the user account running WebLogic.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • cve: CVE-2018-3245

Affected Products:

  • Oracle weblogic_server 12.2.1.3.0
  • Oracle weblogic_server 12.1.3.0.0
  • Oracle weblogic_server 10.3.6.0.0

APP:SAP:NETWEAVER-BO - APP: SAP NetWeaver Dispatcher Stack Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the SAP NetWeaver Dispatcher. A successful attack can lead to a stack buffer overflow and arbitrary remote code execution within the context of the affected application.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • bugtraq: 53424
  • url: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities
  • url: http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=publication&name=Uncovering_SAP_vulnerabilities_reversing_and_breaking_the_Diag_protocol
  • cve: CVE-2012-2611

Affected Products:

  • Sap netweaver 7.0 EHP1
  • Sap netweaver 7.0 EHP2

DB:POSTGRESQL:CHANGE-PASS-BO - DB: PostgreSQL Database Password Change Stack Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the PostgreSQL Database. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 108875
  • cve: CVE-2019-10164

Affected Products:

  • Redhat enterprise_linux 8.0
  • Postgresql postgresql 11.0
  • Postgresql postgresql 10.0
  • Opensuse leap 15.1
  • Fedoraproject fedora 29
  • Opensuse leap 15.0
  • Fedoraproject fedora 30

RTSP:HELIX-RN5AUTH - RTSP: RealNetworks Helix Server rn5auth Credential Parsing Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the RealNetworks Helix Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • bugtraq: 52929
  • cve: CVE-2012-0942

Affected Products:

  • Real_networks helix_mobile_server 14.0
  • Real_networks helix_server 14.2.0.212

APP:ORACLE:GOLDENGATE-BOF - APP: Oracle GoldenGate Manager Command Stack Buffer Overflow

Severity: HIGH

Description:

A stack-based buffer overflow exists in Oracle GoldenGate Manager. The vulnerability is due to an input validation error when processing an overly long command name. Successful exploitation could lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-2913
  • url: https://www.tenable.com/security/research/tra-2018-31
  • url: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Affected Products:

  • Oracle goldengate 12.2.0.2.0
  • Oracle goldengate 12.3.0.1.0
  • Oracle goldengate 12.1.2.1.0

DB:IBM-SOLIDBD-WHERE-DOS - DB: IBM solidDB Redundant WHERE Clause Denial Of Service

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against IBM SolidDB. A successful attack can result in a denial-of-service condition.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • bugtraq: 52111
  • cve: CVE-2012-0200

Affected Products:

  • Ibm soliddb_6.5.0.8_interim_fix_5
  • Ibm soliddb_6.5.0.8

HTTP:STC:DL:CVE2021-42298-RCE - HTTP: Microsoft Defender CVE-2021-42298 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Defender. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2021-42298

Affected Products:

  • Microsoft malware_protection_engine

APP:MISC:QUAGGA-BGP-DOUBLE-FREE - APP: Quagga BGP Daemon bgp_update_receive Double Free

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the BGP Daemon of Quagga. Successful exploitation could result in the execution of arbitrary code under the security context of the target process. Unsuccessful exploitation could result in the termination of the bgpd process.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1

References:

  • bugtraq: 103105
  • cve: CVE-2018-5379

Affected Products:

  • Redhat enterprise_linux_workstation 7.0
  • Debian debian_linux 9.0
  • Redhat enterprise_linux_server_eus 7.5
  • Redhat enterprise_linux_server_eus 7.6
  • Redhat enterprise_linux_server 7.0
  • Redhat enterprise_linux_server_eus 7.4
  • Redhat enterprise_linux_server_tus 7.6
  • Debian debian_linux 8.0
  • Canonical ubuntu_linux 16.04
  • Redhat enterprise_linux_server_aus 7.6
  • Redhat enterprise_linux_server_tus 7.4
  • Canonical ubuntu_linux 14.04
  • Debian debian_linux 7.0
  • Canonical ubuntu_linux 17.10
  • Redhat enterprise_linux_server_aus 7.4
  • Quagga quagga 1.2.2

APP:HP-DATA-PRTCTR-MULTI-OP-OF - APP: HP Data Protector Express Opcode Parsing Stack Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in HP Data Protector Express. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected user.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • bugtraq: 52431
  • cve: CVE-2012-0121

Affected Products:

  • Hp data_protector_express_5.0.00
  • Hp data_protector_express_6.0.00
  • Hp data_protector_express_5.0.01
  • Hp data_protector_express_6.0.01
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.