Vulnerabilities > Juniper > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-23 | CVE-2005-2640 | Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid. | 5.0 |
2004-12-31 | CVE-2004-1446 | Denial Of Service vulnerability in Juniper Networks NetScreen SSHv1 Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. | 5.0 |
2004-12-31 | CVE-2004-0467 | Remote Denial Of Service vulnerability in Juniper Networks JUNOS Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at which other packets are processed. | 5.0 |
2004-12-06 | CVE-2004-0468 | Unspecified vulnerability in Juniper Junos Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets. | 5.0 |
2004-08-18 | CVE-2004-0230 | TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | 5.0 |
2004-01-20 | CVE-2004-1766 | Remote Communication vulnerability in NetScreen Security Manager Insecure Default The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing. | 5.0 |
2003-03-31 | CVE-2002-1547 | Unspecified vulnerability in Juniper Netscreen Screenos Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144. | 5.0 |
2002-12-31 | CVE-2002-2223 | Unspecified vulnerability in Juniper products Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. | 5.1 |
2002-12-31 | CVE-2002-2150 | Unspecified vulnerability in Juniper Netscreen Screenos Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections. | 5.0 |
2002-10-04 | CVE-2002-0891 | Remote Reboot vulnerability in NetScreen ScreenOS The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. | 5.0 |