TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    Ben & Jerry’s sales to continue in Israel after Unilever sells licence

    June 29, 2022

    IC3 issues warning on deepfake use in remote work applications

    June 29, 2022

    Apple promises “white glove experiences” for its most helpful community members

    June 29, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      Apple promises “white glove experiences” for its most helpful community members

      June 29, 2022

      Amazon’s Paper Girls series messes with the timeline in first trailer

      June 29, 2022

      The NuraTrue Pro are the first wireless earbuds to support aptX Lossless streaming

      June 29, 2022

      The internet is a constant recommendations machine — but it needs you to make it work

      June 29, 2022

      How to find the best deals during Amazon Prime Day

      June 29, 2022
    • Business
    • Cyber Security

      IC3 issues warning on deepfake use in remote work applications

      June 29, 2022

      Kurt John named Chief Security Officer at Expedia

      June 29, 2022

      Why insider threats pose unique risks to national security

      June 29, 2022

      Does AI materially impact cybersecurity strategies?

      June 29, 2022

      Hybrid work transition reveals low enterprise cybersecurity confidence

      June 28, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»Juniper Networks Patches Over 60 Flaws in Junos, ATP Products
    Cyber Security

    Juniper Networks Patches Over 60 Flaws in Junos, ATP Products

    January 11, 2019Updated:January 14, 2019No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Juniper Networks this week released patches for more than 60 vulnerabilities in its Juniper Advanced Threat Prevention (ATP) appliance, Junos OS operating system, and Junos Space network management platform. Many of the security holes impact third-party components.

    In Juniper ATP appliances, the company addressed 13 flaws, including persistent cross-site scripting (XSS), arbitrary command execution, hardcoded credentials, information disclosure, and unprotected credentials issues.

    Three of the vulnerabilities fixed in ATP devices have been rated “critical,” including ones related to the existence of hardcoded credentials and the storage of Splunk credentials in a file that can be accessed by authenticated local users.

    Another three flaws have been assigned a CVSS score between 7.0 and 8.9, which puts them in the “high” severity category. The list includes issues related to the insecure storage of keys used for critical operations in the WebUI interface, the logging of secret passphrase CLI inputs in clear text, and a remote command execution weakness in the XML-RPC server.

    In the Junos OS operating system, which powers many of Juniper’s appliances, the company addressed eight vulnerabilities disclosed in the past three years in the libxml2 library, which is used for parsing XML documents. Many of these libxml2 flaws have been assigned “critical” and “high” severity ratings. They can be exploited for denial-of-service (DoS) attacks and other purposes.

    Also in Junos OS, the company fixed two OpenSSL vulnerabilities patched by the OpenSSL Project last year.

    Finally, Juniper patched nearly 40 vulnerabilities in Junos Space. Nine security holes – one rated “high” and the rest “medium” – have been resolved in version 18.3R1.

    The rest were fixed in version 18.4R1, including one critical bug that can lead to privilege escalation and arbitrary code execution. A majority of the vulnerabilities addressed in this version have a high severity.

    A majority of the Junos Space vulnerabilities impact third-party components and they have been disclosed in 2017 and 2018. The impacted components include QEMU, the Linux kernel (including SegmentSmack), Intel CPUs (LazyFP and L1TF vulnerabilities), the glibc library, procps-ng utilities, libvirt, GnuPG, Samba, BIND, the Web-Dorado Instagram Feed WD plugin, yum-utils tools, the GlusterFS network filesystem, and Mozilla NSS (Network Security Services) libraries.

    In addition to the patches released this week, workarounds and mitigations are also available for some of the impacted products.

    Have you been attacked? Digitpol the global investigation firm can help you, visit Digitpol’s website to learn more.

    Related: Juniper Patches Serious Flaws in Junos OS

    Related: Juniper Confirms Leaked Implants Target Its Products

    Related: DoS Vulnerability Affects Cisco, Juniper Products

    Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

    Previous Columns by Eduard Kovacs:
    Tags:

    Source link

    Do you need investigative support? Digitpol is a licensed and accredited investigation agency specialising in operational support and investigative services. Digitpol is specialise in the Investigation of Theft, Fraud, Corruption, Commercial Espionage, Cybercrime Investigation and Intellectual Property Crime. Digitpol’s team has extended skills in Data Recovery such as Computer Forensics, Mobile Phone Forensics, eDiscovery, Internet Monitoring and Automotive Forensic Investigation.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    IC3 issues warning on deepfake use in remote work applications

    June 29, 2022 Cyber Security

    Kurt John named Chief Security Officer at Expedia

    June 29, 2022 Cyber Security

    Why insider threats pose unique risks to national security

    June 29, 2022 Cyber Security

    Does AI materially impact cybersecurity strategies?

    June 29, 2022 Cyber Security

    Hybrid work transition reveals low enterprise cybersecurity confidence

    June 28, 2022 Cyber Security

    Ransomware in Q1 2022 doubled total 2021 volume

    June 28, 2022 Cyber Security
    Editors Picks

    IC3 issues warning on deepfake use in remote work applications

    June 29, 2022

    Apple promises “white glove experiences” for its most helpful community members

    June 29, 2022

    UK imposes sanctions on Russian oligarch Vladimir Potanin

    June 29, 2022

    Kurt John named Chief Security Officer at Expedia

    June 29, 2022
    Trending Now

    The internet is a constant recommendations machine — but it needs you to make it work

    By techbizweb

    UK to extend tariffs on steel imports for two years

    By techbizweb

    Does AI materially impact cybersecurity strategies?

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.