Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:JunOS Local Security Checks
Titel:Junos Space: Multiple Vulnerabilities in Junos Space
Zusammenfassung:Multiple vulnerabilities have been addressed in Junos Space 15.2R1.
Multiple vulnerabilities have been addressed in Junos Space 15.2R1.

Vulnerability Insight:
Multiple vulnerabilities have been addressed in Junos Space 15.2R1.

These include cross site scripting (XSS), default passwords, information leak and command injection vulnerabilities.
These vulnerabilities may potentially allow a remote unauthenticated network based attacker with access to Junos Space
to execute arbitrary code on Junos Space or gain access to devices managed by Junos Space.
These vulnerabilities were found during internal product testing. These issues have been assigned CVE-2016-1265.
Oracle Java runtime was upgraded to 1.7.0 update 85 (from 1.7.0 update 79) which resolves:

- CVE-2015-4748 - Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75
and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.

- CVE-2015-2601 - Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75
and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.

- CVE-2015-2613 - Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows
remote attackers to affect confidentiality via vectors related to JCE.

- CVE-2015-2659 - Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers
to affect availability via unknown vectors related to Security.

- CVE-2015-2808 - The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state
data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery
attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by
the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the `Bar Mitzvah` issue.

- CVE-2015-4000 - The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client,
does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by
rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the `Logjam` issue.

- CVE-2015-4749 - Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and
8u33 allows remote attackers to affect availability via vectors related to JNDI.

- CVE-2015-2625 - Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and
8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.

Affected Software/OS:
This issue can affect any product or platform running Junos Space before 15.2R1.

The following software releases have been updated to resolve this specific issue: Junos Space 15.2R1 (released March 17, 2016) and all subsequent releases.

CVSS Score:

CVSS Vector:

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-1265
Common Vulnerability Exposure (CVE) ID: CVE-2015-4748
BugTraq ID: 75854
Debian Security Information: DSA-3316 (Google Search)
Debian Security Information: DSA-3339 (Google Search)
RedHat Security Advisories: RHSA-2015:1228
RedHat Security Advisories: RHSA-2015:1229
RedHat Security Advisories: RHSA-2015:1230
RedHat Security Advisories: RHSA-2015:1241
RedHat Security Advisories: RHSA-2015:1242
RedHat Security Advisories: RHSA-2015:1243
RedHat Security Advisories: RHSA-2015:1485
RedHat Security Advisories: RHSA-2015:1486
RedHat Security Advisories: RHSA-2015:1488
RedHat Security Advisories: RHSA-2015:1526
RedHat Security Advisories: RHSA-2015:1544
RedHat Security Advisories: RHSA-2015:1604
SuSE Security Announcement: SUSE-SU-2015:1319 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1320 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1288 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1289 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-2601
BugTraq ID: 75867
Common Vulnerability Exposure (CVE) ID: CVE-2015-2613
BugTraq ID: 75871
Common Vulnerability Exposure (CVE) ID: CVE-2015-2659
BugTraq ID: 75877
Common Vulnerability Exposure (CVE) ID: CVE-2015-2808
BugTraq ID: 73684
BugTraq ID: 91787
HPdes Security Advisory: HPSBGN03338
HPdes Security Advisory: HPSBGN03354
HPdes Security Advisory: HPSBGN03366
HPdes Security Advisory: HPSBGN03367
HPdes Security Advisory: HPSBGN03372
HPdes Security Advisory: HPSBGN03399
HPdes Security Advisory: HPSBGN03402
HPdes Security Advisory: HPSBGN03403
HPdes Security Advisory: HPSBGN03405
HPdes Security Advisory: HPSBGN03407
HPdes Security Advisory: HPSBGN03414
HPdes Security Advisory: HPSBGN03415
HPdes Security Advisory: HPSBMU03345
HPdes Security Advisory: HPSBMU03377
HPdes Security Advisory: HPSBMU03401
HPdes Security Advisory: HPSBUX03512
HPdes Security Advisory: SSRT102073
HPdes Security Advisory: SSRT102127
HPdes Security Advisory: SSRT102129
HPdes Security Advisory: SSRT102133
HPdes Security Advisory: SSRT102150
HPdes Security Advisory: SSRT102254
RedHat Security Advisories: RHSA-2015:1006
RedHat Security Advisories: RHSA-2015:1007
RedHat Security Advisories: RHSA-2015:1020
RedHat Security Advisories: RHSA-2015:1021
RedHat Security Advisories: RHSA-2015:1091
SuSE Security Announcement: SUSE-SU-2015:1073 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1085 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1086 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1138 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1161 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2166 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:2192 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0113 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-4000
BugTraq ID: 74733
Debian Security Information: DSA-3287 (Google Search)
Debian Security Information: DSA-3300 (Google Search)
Debian Security Information: DSA-3324 (Google Search)
Debian Security Information: DSA-3688 (Google Search)
HPdes Security Advisory: HPSBGN03351
HPdes Security Advisory: HPSBGN03361
HPdes Security Advisory: HPSBGN03362
HPdes Security Advisory: HPSBGN03373
HPdes Security Advisory: HPSBGN03404
HPdes Security Advisory: HPSBGN03411
HPdes Security Advisory: HPSBGN03533
HPdes Security Advisory: HPSBMU03356
HPdes Security Advisory: HPSBUX03363
HPdes Security Advisory: HPSBUX03388
HPdes Security Advisory: SSRT102112
HPdes Security Advisory: SSRT102180
NETBSD Security Advisory: NetBSD-SA2015-008
RedHat Security Advisories: RHSA-2015:1072
RedHat Security Advisories: RHSA-2015:1185
RedHat Security Advisories: RHSA-2015:1197
RedHat Security Advisories: RHSA-2016:1624
RedHat Security Advisories: RHSA-2016:2056
SuSE Security Announcement: SUSE-SU-2015:1143 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1150 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1177 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1181 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1182 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1183 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1184 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1185 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1268 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1269 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1449 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1581 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1663 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0224 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0262 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1139 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1209 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1229 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1277 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1684 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0226 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0255 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0261 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0478 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0483 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-4749
BugTraq ID: 75890
Common Vulnerability Exposure (CVE) ID: CVE-2015-2625
BugTraq ID: 75895
CopyrightThis script is Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.