|
|
|
Juniper JUNOS Remote Kernel Crash Flaw |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Présentation : Juniper Networks is warning customers of a critical flaw in its gateway routers that allows attackers to crash the devices by sending them small amounts of easily-spoofed traffic. - The Register news. The JunOS kernel will crash i.e. core when a specifically crafted TCP option is received on a listening TCP port. The packet cannot be filtered with Junos's firewall filter. A router receiving this specific TCP packet will crash and reboot. Affected Devices JunOS 3.x - 10.x versions released later then 1 28 2009 Software releases built on or after January 28, 2009 have already fixed the issue.Solution Upgrade the OS. There are no totally effective workarounds. Funny A Juniper spokeswoman said the bulletin was one of seven security advisories the company issued under a policy designed to prevent members of the public at large from getting details of the vulnerabilities. Because of Juniper's 'Entitled Disclosure Policy,' only our customers and partners are allowed access to the details of the Security Advisory, the spokeswoman wrote. Ooohhh... How about this when a specifically crafted TCP option is received on a listening TCP port It's more than enough We have 256 guesses Simple Proof-of-Concept demo hod ping 169.254.1.1 PING 169.254.1.1 169.254.1.1 56 data bytes 64 bytes from 169.254.1.1 icmp_seq 0 ttl 254 time 4.623 ms 64 bytes from 169.254.1.1 icmp_seq 1 ttl 254 time 4.531 ms 64 bytes from 169.254.1.1 icmp_seq 2 ttl 254 time 4.315 ms C hod . hod-junos-test 169.254.1.1 22 Target IP 169.254.1.1, Port 22 Sending TCP-packets with various crafted TCP options TCP options bruteforce progress .......................................................... ........................................................... ........................................................... ....................................................... OK hod ping 169.254.1.1 PING 169.254.1.1 169.254.1.1 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1 Request timeout for icmp_seq 2 C 256 packets and JunOS router is dead and after analyze sniffing traffic we are know true evil TCP packet The JUNOS firewall filter ACL is unable to filter a TCP packet with this issue Successful exploitation requires knowledge of a listening remote TCP port opened or firewall filtered, it doesn't matter at all .For example, attackers can send blind a many number crafted packets to well known TCP ports 22 SSH, 179 BGP and other .And That's enough.
Les mots clés de la revue de presse pour cet article : juniper remote kernel crash
Les videos sur SecuObs pour les mots clés : remote crash
Les éléments de la revue Twitter pour les mots clé : juniper remote kernel crash
Les derniers articles du site " Positive Technologies Research Lab" :
- RFI over SQL Injection Cross-Site Scripting
- Magic Quotes
- Methods of Quick Exploitation of Blind SQL Injection
- Juniper JUNOS Remote Kernel Crash Flaw
- WASC Threat Classification v2.0 is Out
- Over 32 million accounts have been compromised the result of an attack on the RockYou.com site
- HTTP Parameter Fragmentation HPF is one of the methods to bypass security filters in web applications
- non blind SQL Injection
- Password analysis for Windows Live Hotmail users
- Another fine method to exploit SQL Injection and bypass WAF
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
