var-200604-0576
Vulnerability from variot
Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS "client code," as demonstrated by the OUSPG PROTOS DNS test suite. Numerous vulnerabilities have been reported in various Domain Name System (DNS) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause a DNS implementation to behave in an unstable/unpredictable manner. Juniper JUNOSe is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle DNS datagrams. An attacker can exploit this issue to crash the affected DNS client service, effectively denying service to legitimate users. Juniper Networks JunosE is an operating system of Juniper Networks (Juniper Networks) running on E series IP edge and broadband service routers. The PROTOS DNS test component developed by OUSPG for DNS implementation found in the test that if a specially crafted message is sent, JUNOSe will have a denial of service when responding to DNS.
The vulnerability is caused due to unspecified errors within the handling of DNS responses.
SOLUTION: The vulnerability has been fixed in JUNOSe versions 5-3-5p0-2, 6-0-3p0-6, 6-0-4, 6-1-3p0-1, 7-0-1p0-7, 7-0-2, 7-1-0p0-1, and 7-1-1.
PROVIDED AND/OR DISCOVERED BY: Reported by vendor based on DNS Test Tool created by Oulu University Secure Programming Group.
ORIGINAL ADVISORY: NISCC: http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0576",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "junose",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": "junose",
"scope": null,
"trust": 0.6,
"vendor": "juniper",
"version": null
},
{
"model": "junose",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "junose",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1.1"
},
{
"model": "junose p0-1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "7.1"
},
{
"model": "junose",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0.2"
},
{
"model": "junose p0-7",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "7.0.1"
},
{
"model": "junose p0-1",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "6.1.3"
},
{
"model": "junose",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.4"
},
{
"model": "junose p0-6",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "6.0.3"
},
{
"model": "junose p0-2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.3.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "BID",
"id": "17693"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
},
{
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NISCC uniras@niscc.gov.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2074",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2074",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-18182",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2074",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#955777",
"trust": 0.8,
"value": "19.13"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-540",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-18182",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "VULHUB",
"id": "VHN-18182"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
},
{
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS \"client code,\" as demonstrated by the OUSPG PROTOS DNS test suite. Numerous vulnerabilities have been reported in various Domain Name System (DNS) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause a DNS implementation to behave in an unstable/unpredictable manner. Juniper JUNOSe is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle DNS datagrams. \nAn attacker can exploit this issue to crash the affected DNS client service, effectively denying service to legitimate users. Juniper Networks JunosE is an operating system of Juniper Networks (Juniper Networks) running on E series IP edge and broadband service routers. The PROTOS DNS test component developed by OUSPG for DNS implementation found in the test that if a specially crafted message is sent, JUNOSe will have a denial of service when responding to DNS. \n\nThe vulnerability is caused due to unspecified errors within the\nhandling of DNS responses. \n\nSOLUTION:\nThe vulnerability has been fixed in JUNOSe versions 5-3-5p0-2,\n6-0-3p0-6, 6-0-4, 6-1-3p0-1, 7-0-1p0-7, 7-0-2, 7-1-0p0-1, and 7-1-1. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor based on DNS Test Tool created by Oulu University\nSecure Programming Group. \n\nORIGINAL ADVISORY:\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2074"
},
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "BID",
"id": "17693"
},
{
"db": "VULHUB",
"id": "VHN-18182"
},
{
"db": "PACKETSTORM",
"id": "45735"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#955777",
"trust": 2.5
},
{
"db": "BID",
"id": "17693",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "19822",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1015992",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2006-2074",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1505",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1526",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200604-540",
"trust": 0.7
},
{
"db": "XF",
"id": "26081",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-18182",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45735",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "VULHUB",
"id": "VHN-18182"
},
{
"db": "BID",
"id": "17693"
},
{
"db": "PACKETSTORM",
"id": "45735"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
},
{
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"id": "VAR-200604-0576",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-18182"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:57:42.503000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"trust": 2.0,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/17693"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015992"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19822"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1526"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/dns/index.html"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-144154/index.html"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1526"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1505"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/26081"
},
{
"trust": 0.3,
"url": "https://www.juniper.net/alerts/viewalert.jsp?txtalertnumber=psn-2004-06-009\u0026actionbtn=search"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6108/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3417/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6107/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19822/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "VULHUB",
"id": "VHN-18182"
},
{
"db": "BID",
"id": "17693"
},
{
"db": "PACKETSTORM",
"id": "45735"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
},
{
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "VULHUB",
"id": "VHN-18182"
},
{
"db": "BID",
"id": "17693"
},
{
"db": "PACKETSTORM",
"id": "45735"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
},
{
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-28T00:00:00",
"db": "CERT/CC",
"id": "VU#955777"
},
{
"date": "2006-04-27T00:00:00",
"db": "VULHUB",
"id": "VHN-18182"
},
{
"date": "2006-04-25T00:00:00",
"db": "BID",
"id": "17693"
},
{
"date": "2006-04-27T21:57:26",
"db": "PACKETSTORM",
"id": "45735"
},
{
"date": "2006-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-540"
},
{
"date": "2006-04-27T22:02:00",
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-23T00:00:00",
"db": "CERT/CC",
"id": "VU#955777"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-18182"
},
{
"date": "2006-04-26T19:31:00",
"db": "BID",
"id": "17693"
},
{
"date": "2006-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-540"
},
{
"date": "2024-11-21T00:10:29.820000",
"db": "NVD",
"id": "CVE-2006-2074"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in DNS implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "17693"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-540"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…