Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system.
This week, Juniper Networks patched dozens of serious security vulnerabilities and provided security patches for each of them; the security advisories are available on the company website.
The most severe flaw is probably CVE-2018-0049, which could be exploited by an attacker to crash the Junos kernel by sending specially crafted MPLS packets.
Juniper reported that a single specially crafted MPLS packet could trigger a DoS condition, while by sending more packets it is possible to crash the device.
“A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. A single packet received by the target victim will cause a Denial of Service condition. Continued receipt of this specifically crafted malicious MPLS packet will cause a sustained Denial of Service condition.” reads the security advisory.
As a possible workaround, the company suggests removing the MPLS configuration stanza from interfaces at risk.
At the time the patch was released, there was no news of exploitation of the flaw in the wild; however, Juniper is aware of “possible malicious network probing which may have triggered this issue.”
Another severe flaw fixed by Juniper affects the Juniper NFX series devices and could be exploited by a remote attacker to gain access to the system by using accounts with blank passwords.
The patch provided by the company no longer allows empty passwords.
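To apply the workaround above, an operator first needs to know where MPLS is enabled. The following is an added example, not code from Juniper or from this article: it inventories logical interfaces with MPLS configured, assuming the configuration was exported with `show configuration | display set`; the sample configuration and the function name `mpls_interfaces` are constructed for illustration.

```python
import re

# Constructed sample of `show configuration | display set` output
# (documentation addresses, not taken from a real device).
SAMPLE_CONFIG = """\
set interfaces ge-0/0/0 unit 0 family inet address 192.0.2.1/30
set interfaces ge-0/0/0 unit 0 family mpls
set interfaces ge-0/0/1 unit 0 family inet address 198.51.100.1/24
set interfaces xe-0/1/0 unit 100 family mpls maximum-labels 5
set interfaces lo0 unit 0 family inet address 203.0.113.1/32
set protocols mpls interface ge-0/0/0.0
set protocols mpls interface ge-0/0/2.0
deactivate interfaces xe-0/1/0 unit 100 family mpls
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0
"""

# MPLS can be enabled in two places: the interface's address family and
# the `protocols mpls` stanza. Both are reported so both can be reviewed.
FAMILY_RE = re.compile(
    r"^(set|deactivate) interfaces (\S+) unit (\d+) family mpls(\s|$)")
PROTO_RE = re.compile(r"^(set|deactivate) protocols mpls interface (\S+)")


def mpls_interfaces(config_text):
    """Return {logical interface: set of stanzas where MPLS is active}."""
    active, inactive = {}, set()
    for raw in config_text.splitlines():
        line = raw.strip()
        m = FAMILY_RE.match(line)
        if m:
            key = (f"{m.group(2)}.{m.group(3)}", "family mpls")
        else:
            m = PROTO_RE.match(line)
            if not m:
                continue
            key = (m.group(2), "protocols mpls")
        if m.group(1) == "deactivate":
            inactive.add(key)  # stanza is present but marked inactive
        else:
            active.setdefault(key[0], set()).add(key[1])
    # Only a `deactivate` at exactly the MPLS stanza level is handled here;
    # a deactivated parent (whole interface or unit) is not detected.
    for name, stanza in inactive:
        active.get(name, set()).discard(stanza)
    return {name: s for name, s in active.items() if s}


if __name__ == "__main__":
    for name, stanzas in sorted(mpls_interfaces(SAMPLE_CONFIG).items()):
        print(f"{name}: {', '.join(sorted(stanzas))}")
```

Which of the listed interfaces count as "at risk" is a judgment to make against the advisory; the script only shows where MPLS is active.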
Juniper also provided fixes for several vulnerabilities affecting the NTP daemon. The company addressed several flaws in RPD, most of which could be exploited to cause a DoS condition.
Two issues can be exploited to crash the routing protocol daemon (RPD) and potentially allow remote code execution.
Looking at the list of advisories, we also find a fix for a high-risk vulnerability in Junos Space Network Management Platform and a DoS flaw in the SIP application layer gateway (ALG) in Junos. The latter issue could be exploited by an attacker to crash several processes.
Experts also fixed a high-risk flaw in the RSH service that could allow a remote and unauthenticated attacker to gain root access to affected devices.
The company also fixed dozens of DoS and XSS flaws rated as “medium risk.”
Pierluigi Paganini is a member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group. He is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years of experience in the field, and he is a Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to found the security blog "Security Affairs", recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the books "The Deep Dark Web" and "Digital Virtual Currency and Bitcoin".