Rewterz Threat Advisory – Microsoft Edge Multiple Vulnerabilities
January 10, 2019Rewterz Threat Advisory – CVE-2019-0012 – Juniper Junos OS Denial of Service Vulnerability
January 11, 2019Rewterz Threat Advisory – Microsoft Edge Multiple Vulnerabilities
January 10, 2019Rewterz Threat Advisory – CVE-2019-0012 – Juniper Junos OS Denial of Service Vulnerability
January 11, 2019SEVERITY: Low
ANALYSIS SUMMARY
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack.
IMPACT
Denial of Service
AFFECTED PRODUCTS
Some versions of these products are affected
- Juniper Junos OS 12.x
- Juniper Junos OS 15.1
REMEDIATION
Update to version
- 12.3X48-D77,
- 15.1F6-S12,
- 15.1R7-S3,
- 15.1X49-D160,
- 15.1X53-D236,
- 15.1X53-D495,
- 15.1X53-D590,
- 15.1X53-D68
If you think you’re a victim of a cyber-attack, immediately send an email to soc@rewterz.com for a quick response.