cnvd - cnvd-2018-02841

cnvd-2018-02841

Vulnerability from cnvd

Title

Juniper Networks Junos OS点劫持漏洞

Description

Juniper Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件系统的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS中存在点劫持漏洞。攻击者可通过发送恶意制作的LLDP数据包利用该漏洞造成拒绝服务，注入命令和代码，从而提升权限，控制设备。

Severity

高

Patch Name

Juniper Networks Junos OS点劫持漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10830&actp=METADATA

Reference

https://www.securitytracker.com/id/1040181

Impacted products

Name
['Juniper Networks Junos OS 12.1X46<(12.1X46-D71)', 'Juniper Networks Junos OS 12.3<(12.3R12-S7)', 'Juniper Networks Junos OS 12.3X48<(12.3X48-D55)', 'Juniper Networks Junos OS 14.1<(14.1R8-S5)', 'Juniper Networks Junos OS 14.1<(14.1R9)', 'Juniper Networks Junos OS 14.1X53<(14.1X53-D107)', 'Juniper Networks Junos OS 14.2<(14.2R8)', 'Juniper Networks Junos OS 15.1<(15.1F5-S8)', 'Juniper Networks Junos OS 15.1X53<(15.1X53-D65)', 'Juniper Networks Junos OS 16.1<(16.1R5)', 'Juniper Networks Junos OS 16.1X65<(16.1X65-D45)', 'Juniper Networks Junos OS 14.1X53<(14.1X53-D46)', 'Juniper Networks Junos OS 14.2<(14.2R7-S9)', 'Juniper Networks Junos OS 15.1<(15.1F2-S17)', 'Juniper Networks Junos OS 15.1<(15.1R5-S7)', 'Juniper Networks Junos OS 15.1<(15.1R7)', 'Juniper Networks Junos OS 15.1X49<(15.1X49-D90)', 'Juniper Networks Junos OS 16.1<(16.1R4-S6)', 'Juniper Networks Junos OS 16.2<(16.2R2)', 'Juniper Networks Junos OS 17.1<(17.1R2)']

Name

['Juniper Networks Junos OS 12.1X46<(12.1X46-D71)', 'Juniper Networks Junos OS 12.3<(12.3R12-S7)', 'Juniper Networks Junos OS 12.3X48<(12.3X48-D55)', 'Juniper Networks Junos OS 14.1<(14.1R8-S5)', 'Juniper Networks Junos OS 14.1<(14.1R9)', 'Juniper Networks Junos OS 14.1X53<(14.1X53-D107)', 'Juniper Networks Junos OS 14.2<(14.2R8)', 'Juniper Networks Junos OS 15.1<(15.1F5-S8)', 'Juniper Networks Junos OS 15.1X53<(15.1X53-D65)', 'Juniper Networks Junos OS 16.1<(16.1R5)', 'Juniper Networks Junos OS 16.1X65<(16.1X65-D45)', 'Juniper Networks Junos OS 14.1X53<(14.1X53-D46)', 'Juniper Networks Junos OS 14.2<(14.2R7-S9)', 'Juniper Networks Junos OS 15.1<(15.1F2-S17)', 'Juniper Networks Junos OS 15.1<(15.1R5-S7)', 'Juniper Networks Junos OS 15.1<(15.1R7)', 'Juniper Networks Junos OS 15.1X49<(15.1X49-D90)', 'Juniper Networks Junos OS 16.1<(16.1R4-S6)', 'Juniper Networks Junos OS 16.2<(16.2R2)', 'Juniper Networks Junos OS 17.1<(17.1R2)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0007"
    }
  },
  "description": "Juniper Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\r\n\r\nJuniper Networks Junos OS\u4e2d\u5b58\u5728\u70b9\u52ab\u6301\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6076\u610f\u5236\u4f5c\u7684LLDP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u6ce8\u5165\u547d\u4ee4\u548c\u4ee3\u7801\uff0c\u4ece\u800c\u63d0\u5347\u6743\u9650\uff0c\u63a7\u5236\u8bbe\u5907\u3002",
  "discovererName": "Juniper Networks",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10830\u0026actp=METADATA",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-02841",
  "openTime": "2018-02-06",
  "patchDescription": "Juniper Junos OS\u662f\u7f8e\u56fd\u77bb\u535a\u7f51\u7edc\uff08Juniper Networks\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8e\u8be5\u516c\u53f8\u7684\u786c\u4ef6\u7cfb\u7edf\u7684\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u63d0\u4f9b\u4e86\u5b89\u5168\u7f16\u7a0b\u63a5\u53e3\u548cJunos SDK\u3002\r\n\r\nJuniper Networks Junos OS\u4e2d\u5b58\u5728\u70b9\u52ab\u6301\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6076\u610f\u5236\u4f5c\u7684LLDP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u6ce8\u5165\u547d\u4ee4\u548c\u4ee3\u7801\uff0c\u4ece\u800c\u63d0\u5347\u6743\u9650\uff0c\u63a7\u5236\u8bbe\u5907\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Juniper Networks Junos OS\u70b9\u52ab\u6301\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Juniper Networks Junos OS 12.1X46\u003c(12.1X46-D71)",
      "Juniper Networks Junos OS 12.3\u003c(12.3R12-S7)",
      "Juniper Networks Junos OS 12.3X48\u003c(12.3X48-D55)",
      "Juniper Networks Junos OS 14.1\u003c(14.1R8-S5)",
      "Juniper Networks Junos OS 14.1\u003c(14.1R9)",
      "Juniper Networks Junos OS 14.1X53\u003c(14.1X53-D107)",
      "Juniper Networks Junos OS 14.2\u003c(14.2R8)",
      "Juniper Networks Junos OS 15.1\u003c(15.1F5-S8)",
      "Juniper Networks Junos OS 15.1X53\u003c(15.1X53-D65)",
      "Juniper Networks Junos OS 16.1\u003c(16.1R5)",
      "Juniper Networks Junos OS 16.1X65\u003c(16.1X65-D45)",
      "Juniper Networks Junos OS 14.1X53\u003c(14.1X53-D46)",
      "Juniper Networks Junos OS 14.2\u003c(14.2R7-S9)",
      "Juniper Networks Junos OS 15.1\u003c(15.1F2-S17)",
      "Juniper Networks Junos OS 15.1\u003c(15.1R5-S7)",
      "Juniper Networks Junos OS 15.1\u003c(15.1R7)",
      "Juniper Networks Junos OS 15.1X49\u003c(15.1X49-D90)",
      "Juniper Networks Junos OS 16.1\u003c(16.1R4-S6)",
      "Juniper Networks Junos OS 16.2\u003c(16.2R2)",
      "Juniper Networks Junos OS 17.1\u003c(17.1R2)"
    ]
  },
  "referenceLink": "https://www.securitytracker.com/id/1040181",
  "serverity": "\u9ad8",
  "submitTime": "2018-01-17",
  "title": "Juniper Networks Junos OS\u70b9\u52ab\u6301\u6f0f\u6d1e"
}

CVE-2018-0007 (GCVE-0-2018-0007)

Vulnerability from cvelistv5

Published

2018-01-10 22:00

Modified

2024-08-05 03:14

Severity ?

CWE

Summary

An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. Further crafted packets may be able to sustain the denial of service condition. Score: 6.5 MEDIUM (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Further, if the attacker is authenticated on the target device receiving and processing the malicious LLDP packet, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over the target device thereby elevating their permissions and privileges, and taking control of the device. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to one or more local segments, via LLDP proxy / tunneling agents or other LLDP through Layer 3 deployments, through one or more local segment broadcasts, may be able to cause multiple Junos devices to enter an improper boundary check condition allowing a memory corruption to occur, leading to multiple distributed Denials of Services. These Denials of Services attacks may have cascading Denials of Services to adjacent connected devices, impacts network devices, servers, workstations, etc. Further crafted packets may be able to sustain these Denials of Services conditions. Score 6.8 MEDIUM (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H) Further, if the attacker is authenticated on one or more target devices receiving and processing these malicious LLDP packets, while receiving the crafted packets, the attacker may be able to perform command or arbitrary code injection over multiple target devices thereby elevating their permissions and privileges, and taking control multiple devices. Score: 7.8 HIGH (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D71; 12.3 versions prior to 12.3R12-S7; 12.3X48 versions prior to 12.3X48-D55; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D46, 14.1X53-D50, 14.1X53-D107; 14.2 versions prior to 14.2R7-S9, 14.2R8; 15.1 versions prior to 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7; 15.1X49 versions prior to 15.1X49-D90; 15.1X53 versions prior to 15.1X53-D65; 16.1 versions prior to 16.1R4-S6, 16.1R5; 16.1X65 versions prior to 16.1X65-D45; 16.2 versions prior to 16.2R2; 17.1 versions prior to 17.1R2. No other Juniper Networks products or platforms are affected by this issue.

References

URL

Tags

	https://kb.juniper.net/JSA10830	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1040181	vdb-entry, x_refsource_SECTRACK