Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.103966
Categoría:JunOS Local Security Checks
Título:Junos Stack Exhaustion Denial of Service Vulnerability
Resumen:Denial of Service vulnerability due to stack exhaustion in glibc;used by Junos
Descripción:Summary:
Denial of Service vulnerability due to stack exhaustion in glibc
used by Junos

Vulnerability Insight:
A stack consumption vulnerability in the regcomp implementation
in the GNU C Library allows an attacker to cause a denial of service via a regular expression containing
adjacent repetition operators or adjacent bounded repetitions. Junos uses regular expressions in several
places within the CLI.

Vulnerability Impact:
Local attackers can cause a partial denial of service on services
provided by rpd.

Affected Software/OS:
Junos OS 10.4, 11.4, 12.1, 12.2, 12.3, 13.1, 13.2, 13.3

Solution:
New builds of Junos OS software are available from Juniper.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: BugTraq ID: 45233
Common Vulnerability Exposure (CVE) ID: CVE-2010-4051
http://www.securityfocus.com/bid/45233
Bugtraq: 20110107 GNU libc/regcomp(3) Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/515589/100/0/threaded
CERT/CC vulnerability note: VU#912279
http://www.kb.cert.org/vuls/id/912279
http://www.exploit-db.com/exploits/15935
http://seclists.org/fulldisclosure/2011/Jan/78
http://cxib.net/stuff/proftpd.gnu.c
https://bugzilla.redhat.com/show_bug.cgi?id=645859
http://securitytracker.com/id?1024832
http://secunia.com/advisories/42547
http://securityreason.com/securityalert/8003
http://securityreason.com/achievement_securityalert/93
Common Vulnerability Exposure (CVE) ID: CVE-2010-4052
CopyrightThis script is Copyright (C) 2014 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.