Full Disclosure mailing list archives

Juniper NSM remote Denial Of Service

From: David Maciejak <david.maciejak () kyxar fr>
Date: Wed, 28 Dec 2005 00:50:45 +0100


Juniper NSM remote Denial Of Service

"NetScreen-Security Manager is a software that enables you to integrate and
centralize management of your Juniper Networks NetScreen security environment."

More information can be found on
http://www.juniper.net/customers/support/products/nsm.jsp


Description:

Malicious user can cause a remote denial of service on
guiSrv(port 7800) and devSrv(port 7801) by sending specially
crafted and long strings.

NSM 2004 FP2 and FP3 are known to be vulnerable.

By default, a watchdog service is installed with NSM. 
It is able to restart automatically dead services
(the test is about every 5 min).


Proof of Concept:

I am not intent to publicly disclose the PoC.


Workaround:

Upgrade at least to NSM FP4r1 also known as 2005.1


Thanks to quick responses from Juniper Security Team.

David Maciejak



--------------------------------------------------------------------------------
KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Juniper NSM remote Denial Of Service David Maciejak (Dec 27)