Vulnerabilities > CVE-2014-2842 - Resource Management Errors vulnerability in Juniper Screenos
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 18 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Firewalls |
NASL id | SCREENOS_JSA10624.NASL |
description | The remote host is running a version of Juniper ScreenOS 6.3 prior to 6.3.0r17. It is, therefore, affected by a denial of service vulnerability due to a failure to properly handle SSL/TLS protocol packets. A remote, unauthenticated attacker could potentially exploit this vulnerability by sending malformed SSL/TLS packets to cause a firewall crash or failover. Repeated exploitation can result in an extended denial of service condition. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 74149 |
published | 2014-05-23 |
reporter | This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/74149 |
title | Juniper ScreenOS 6.3 < 6.3.0r17 DoS |
code |
|
Seebug
bulletinFamily | exploit |
description | CVE ID:CVE-2014-2842 NetScreen ScreenOS是一款用于Juniper防火墙设备上的操作系统。 NetScreen ScreenOS处理SSL/TLS协议报文存在错误,允许攻击者利用漏洞提交特殊的请求使服务程序崩溃或重启或触发故障转移。 0 NetScreen ScreenOS 6.3 目前没有详细解决方案: https://www.juniper.net |
id | SSV:62193 |
last seen | 2017-11-19 |
modified | 2014-04-16 |
published | 2014-04-16 |
reporter | Root |
title | NetScreen ScreenOS SSL/TLS协议报文处理拒绝服务漏洞 |