This Metasploit module scans for the Juniper SSH backdoor (also valid on Telnet). Any username is required, and the password is <<< %s(un=%s) = %u.
9063c59689446fe07bb9610922c2bca3f2bd26ac97f441441018bc99fbe63a81This Metasploit module exploits a denial of service vulnerability in Juniper Networks JunOS router operating system. By sending a TCP packet with TCP option 101 set, an attacker can cause an affected router to reboot.
08cdfbd242df275e59eddfc4bc6b02c08584e7f50c6f6577a3ecd7ea5c272711This Metasploit module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices running FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The first being auto_prepend_file which causes the provided file to be added using the require function. The second PHP function is allow_url_include which allows the use of URL-aware fopen wrappers. By enabling allow_url_include, the exploit can use any protocol wrapper with auto_prepend_file. The module then uses data:// to provide a file inline which includes the base64 encoded PHP payload. By default this exploit returns a session confined to a FreeBSD jail with limited functionality. There is a datastore option JAIL_BREAK, that when set to true, will steal the necessary tokens from a user authenticated to the J-Web application, in order to overwrite the root password hash. If there is no user authenticated to the J-Web application this method will not work. The module then authenticates with the new root password over SSH and then rewrites the original root password hash to /etc/master.passwd.
23552b23e1cc0e2022181944f8894c8f7203e6893e7d1127561c3ffd867b9517A proof of concept exploit for chaining four CVEs to achieve remote code execution in Juniper JunOS within SRX and EX Series products.
ab0b70a7cc6a4a947d8faceced29674fb6ad7bf45e8a329120e642cb825e3c05Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed.
7858808a9580d86e2e50d68ec558fefa12e52e066ec9cec0e4eb1dad8f3869c8A special crafted ICMP ECHO REQUEST can cause a denial of service condition on the Juniper SSG20.
65c2ed19eba0758f8c760b12d4765618e61203e44d05a5145cb0d2a79e35d225Juniper JunOS version 9.x suffers from a html injection vulnerability that allows for cross site scripting attacks.
29ccd87908529598304cd583f8ee5922f7df5671abd5b2cd835597f7343deffdJuniper Secure Access software suffers from a reflective cross site scripting vulnerability.
1e91a40814ce854dfbc08417fc774b84fa293848396a5db20ca9b655cc2fc7d0Secunia Security Advisory - A vulnerability has been reported in Juniper JunosE, which can be exploited by malicious people to cause a DoS (Denial of Service).
08b8b6a0e8065ce1da5d3243663e8f8be801cdcc79193e1ced3e6a3cd4df6369This is a presentation called Router Exploitation. It was given at BlackHat 2009. It discusses various vendors such as Cisco, Juniper, Huawei, and more.
d251e8ce38047dd92c1a121ab52dccf2904bfc18ca85475675ae8202a6a1241dSecunia Security Advisory - Dell SecureWorks has reported a vulnerability in Juniper Networks Mobility System, which can be exploited by malicious people to conduct cross-site scripting attacks.
893f92e0d1f70719368fa3a17fcc9b5ed6140ec7a976fa7684bdb43d205625f2Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.
7f2939c51ae2de49c84a3603094e0241b465006371436fd834f9291f9d7516a0Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.
9c885039dd4a5ea03c2cbbac3693f855bbb1db856940a8abb123c687747653adSecunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to bypass certain security restrictions.
31caf995dcbdcc45328b21cc63fc2006c9e06b259429e5818928423199aed36dSecunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to cause a DoS (Denial of Service).
6896de19a7c2dc47cf7498f8ebc3a330877b75201e4e0de7a0ec5ae25b683114An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.
b678a0b413550ec37fd50aa3338c0642a3b7f81dcdd9c330b6d7ffb73e786564Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions.
b7eb2e6d1ffc372841ec4312e98ca31e42075ca173fae964ed7c7e283f5bb9eaJuniper VPN client with remote desktop lets an attacking spawn Internet Explorer prior to authentication.
f6891045a7207af4d1a8fb5787e4acbee0b1a68022babe3bae8c08623c705fa7Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.
fe70a8701491bdb2732230e4912a2680b6cf9116ef4aae3fd54dac2652b68f19This is a list of older cross site scripting and bypass vulnerabilities associated with older Juniper IVE releases.
373b779224dfe366049456b486a0f52893693761af7861f0c2f4e45a15feacc4Zero Day Initiative Advisory 10-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper SA Series devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the meeting_testjava.cgi page which is used to test JVM compatibility. When handling the DSID HTTP header the code allows an attacker to inject arbitrary javascript into the page. This can be abused by an attacker to perform a cross-site scripting attack on the device.
99b5f28f3dda214bda4fefa3c825879f71b46d2042476feb6389be98ef4324baSecunia Security Advisory - Richard Brain has reported a vulnerability in Juniper IVE, which can be exploited by malicious people to conduct cross-site scripting attacks.
7ee3aa86aac36fb85624d366661203467e364b82b6efdf7bcc3e68396ff7cd7bProcheckup has found by making a malformed request to the Juniper IVE Web interface without authentication, that a vanilla cross site scripting (XSS) attack is possible.
b19b3cf027c13feb0c9453befa1a1695ad3c71996e2d1625b3489dfef480afbaSecunia Security Advisory - Richard Brain has reported a weakness in Juniper IVE OS, which can be exploited by malicious people to conduct redirection attacks.
5e185368e124833316095a43821e03e16787a5718784932b39d02ddc8ceca014The Juniper SRX suffers from a dual-homed swapfile overflow error that can cause denial of service conditions.
47019e4b52e0979c5d0727ed6f034816ad6998bcfcbd19d8a1f7cd565264a61b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed