Rewterz Threat Advisory – Red Hat Update for flash-plugin – Information Disclosure Vulnerabilities
April 11, 2019
Rewterz Threat Advisory – Juniper SRX Series Proxy ARP Denial of Service Vulnerability
April 11, 2019
Severity
Medium
Analysis Summary
CVE-2019-0036
When configuring a stateless firewall filter in Junos OS, terms named using the format “internal-n” (e.g. “internal-1”, “internal-2”) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets, leading to unexpected results.
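One way to audit an exported configuration for the term names described above (an added example, not Juniper's or Rewterz's code): the Python below scans `show configuration | display set` output for firewall filter terms named internal-n. The function name, the sample configuration, and the reading of "internal-n" as "internal-" followed only by digits are assumptions made for this example.

```python
import re

# A "display set" line that defines or populates a firewall filter term.
# The lazy prefix allows for "groups NAME" or "logical-systems NAME" ahead of "firewall".
TERM_LINE = re.compile(
    r"^set\s+(?:\S+\s+\S+\s+)*?firewall\s+(?:family\s+(?P<family>\S+)\s+)?"
    r"filter\s+(?P<filter>\S+)\s+term\s+(?P<term>\S+)"
)
# Assumption: "internal-n" means the literal prefix followed by digits only.
AFFECTED_NAME = re.compile(r"internal-\d+")


def find_affected_terms(config_text):
    """Return [(family, filter, term, first_line_no)] for terms named internal-n."""
    first_seen = {}
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        m = TERM_LINE.match(line.strip())
        if not m:
            continue
        term = m.group("term").strip('"')  # term names may be quoted
        if AFFECTED_NAME.fullmatch(term):
            # "-" marks a filter declared without an explicit family keyword
            key = (m.group("family") or "-", m.group("filter").strip('"'), term)
            first_seen.setdefault(key, line_no)
    return [key + (line_no,) for key, line_no in first_seen.items()]


# Constructed sample configuration (documentation address ranges, made-up filter names).
SAMPLE_CONFIG = """\
set firewall family inet filter EDGE-IN term internal-1 from source-address 203.0.113.0/24
set firewall family inet filter EDGE-IN term internal-1 then discard
set firewall family inet filter EDGE-IN term allow-rest then accept
set firewall filter MGMT term "internal-2" then reject
set firewall family inet6 filter V6-IN term internal-net from source-address 2001:db8::/32
set firewall family inet6 filter V6-IN term internal-net then accept
set interfaces ge-0/0/0 unit 0 family inet filter input EDGE-IN
"""

if __name__ == "__main__":
    for family, flt, term, line_no in find_affected_terms(SAMPLE_CONFIG):
        print(f"line {line_no}: filter {flt} (family {family}) term {term} "
              "uses the internal-n name format; rename it and re-check the filter")
```

Terms such as internal-net are not reported, because only names consisting of "internal-" plus digits are treated as matching the format in the advisory.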
Impact
Security Bypass
Affected Vendors
Juniper
Affected Products
- Juniper Junos OS 12.12.3 and prior
- Juniper Junos OS 14.14.1X53 prior to 14.1X53-D130 and 14.1X53-D49
- Juniper Junos OS 15.15.1 prior to 15.1F6-S12 and 15.1R7-S4
- 15.1X49 prior to 15.1X49-D161 and 15.1X49-D170
- 15.1X53 prior to 15.1X53-D236, 15.1X53-D496 and 15.1X53-D69
Remediation
Update or upgrade to version 14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D161, 15.1X49-D170, 15.1X53-D236, 15.1X53-D496, or 15.1X53-D69.