Juniper SSG20 Denial Of Service

2014.01.23
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-noinfo


CVSS Base Score: 7.1/10
Impact Subscore: 6.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

############################################################## FFRI, Inc. Security Advisory Crafted packet can cause denial of service on Juniper SSG20 2014/01/14 ############################################################## === Summary === Crafted ICMP ECHO REQUEST can cause denial of service on Juniper SSG20 === Severity === Middle === Affected Products === Juniper SSG20 (Screen OS Firmware Version 6.1.0r5.0) === Potential Security Impact === Denial of Service === Solution === Enable the Ping of Death screen === Detailed Description === == Time Table == 2011/06/01 The vulnerability was reported to IPA(Information-technology Promotion Agency) 2013/12/13 JVN #28436508 released === Credits === This vulnerability was discovered by Shuichiro Suzuki of FFRI. === Reference === CVE No. : CVE-2013-6958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6958 Mozilla Foundation Security Advisory : https://www.mozilla.org/security/announce/2013/mfsa2013-33.html FFRI Advisory URL: http://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release&id=FFRRA-20131213 === About FFRI === FFRI is a leading security products and service vendor in Japan providing innovative security software and vulnerability research information. Our commitment is to secure our IT-driven society by protecting information system from unpredictable threats. http://www.ffri.jp research-feedback@ffri.jp === Copyright === 2007 - 2014 FFRI, Inc. All rights reserved.

References:

http://www.ffri.jp/cgi-bin/advisory/advisory.cgi?type=release&id=FFRRA-20131213
https://www.mozilla.org/security/announce/2013/mfsa2013-33.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top