Rewterz threat advisory – CVE-2019-0002 – Juniper Junos OS Firewall Filter Rules Security Bypass Vulnerability
January 11, 2019Rewterz Threat Alert : ‘Love You’ MalSpam campaign dropping Grandcrab Ransomware, Phorpiex Spambot and Cryptocurrency miner
January 15, 2019Rewterz threat advisory – CVE-2019-0002 – Juniper Junos OS Firewall Filter Rules Security Bypass Vulnerability
January 11, 2019Rewterz Threat Alert : ‘Love You’ MalSpam campaign dropping Grandcrab Ransomware, Phorpiex Spambot and Cryptocurrency miner
January 15, 2019SEVERITY: HIGH
ANALYSIS SUMMARY
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data.
IMPACT
- System access
- Denial of Service
- Other unspecified impacts
AFFECTED PRODUCTS
- Juniper Junos OS 12.x
- Juniper Junos OS 14.1
- Juniper Junos OS 15.1
REMEDIATION
Update to version
- 12.3R12-S12
- 12.3X48-D76
- 12.3X48-D80
- 14.1X53-D48
- 15.1R5
- 15.1X49-D151
- 15.1X49-D160
- 15.1F6-S12
- 16.1R2
- 16.2R1
If you think you’re a victim of a cyber-attack, immediately send an email to soc@rewterz.com for a quick response.