Juniper Networks

Update Details

Security Intelligence Center

Update #2988 (09/12/2017)

13 new signatures:

HIGH - SSL:VULN:SSL-CERT-OOB - SSL: OpenSSL X.509 IPAddressFamily Extension Parsing Out-of-Bounds Read
LOW - HTTP:STC:ATLASSIAN-INFO-DIS - HTTP: Atlassian FishEye and Crucible mostActiveCommitters Information Disclosure
HIGH - HTTP:STC:JAVA:MS-CVE-2017-8656 - HTTP: Microsoft Edge PreVisitCatch Uninitialized Memory Use
HIGH - APP:MISC:TMCM-CM-TVCSC-SQLI - APP: Trend Micro Control Manager cmdHandlerTVCSCommander SQL Injection
MEDIUM - SMB:MS-WIN-SEARCH-ID - SMB: Microsoft Windows Search Information Disclosure
MEDIUM - IKE:STRONGSWAN-GMP-DOS - IKE: strongSwan gmp Plugin Denial of Service
HIGH - HTTP:STC:DL:CVE-2017-8682-EOP - HTTP: Microsoft Windows CVE-2017-8682 Elevation of Privileges
HIGH - HTTP:APACHE:APACHE-REST-DE-SRL1 - HTTP: Apache Struts 2 REST Plugin XStreamHandler Insecure Deserialization
HIGH - HTTP:APACHE:APACHE-REST-DE-SRL2 - HTTP: Apache Struts2 REST Plugin XStreamHandler Insecure Deserialization
CRITICAL - SSL:SSL-ALIENTVAULT-CMD-INJ - SSL: Alien Valut Command Injection
HIGH - PORTMAPPER:ORACLE-SOLARIS-HBO - PORTMAPPER: Oracle Solaris RPC CVE-2017-3623 Heap Buffer Overflow
CRITICAL - HTTP:ALIENTVAULT-CMD-INJ - HTTP: Alien Valut Command Injection
CRITICAL - HTTP:MISC:TRENDMICRO-CMD-INJ - HTTP: Trend Micro Command Injection In HTTP Variables

6 updated signatures:

INFO - P2P:EDONKEY:FILE-DOWNLOAD-REQ - P2P: eDonkey 2000 Client Download Request
HIGH - HTTP:STC:DL:QT-COLOR-ATOM - HTTP: Apple QuickTime Color Table Atom Movie File Handling Heap Corruption
HIGH - RADIUS:CLIENT-CERT-VERIF-BO - RADIUS: FreeRADIUS Client Certificate Verification Stack Buffer Overflow
INFO - APP:GAME:CS-S-CONNECT - APP: Counter-Strike Source Client Connect
MEDIUM - APP:ICECAST-BOF - APP: Icecast 2.0 Server Header Overwrite
HIGH - DB:MS-SQL:XP_CMDSHELL-TDS - DB: MS-SQL XP_CMDSHELL Program Execution (TDS)


Details of the signatures included within this bulletin:


P2P:EDONKEY:FILE-DOWNLOAD-REQ - P2P: eDonkey 2000 Client Download Request

Severity: INFO

Description:

This signature detects file download requests from an eDonkey 2000 peer-to-peer file sharing client. This signature detects the majority of file download requests; for complete coverage, bind this Attack Object to "any" service in your Security Policy rule.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: http://www.edonkey2000.com/
  • url: ftp://ftp.kom.e-technik.tu-darmstadt.de/pub/papers/HB02-1-paper.pdf
  • url: http://www.cs.huji.ac.il/labs/danss/presentations/emule.pdf

HTTP:STC:DL:QT-COLOR-ATOM - HTTP: Apple QuickTime Color Table Atom Movie File Handling Heap Corruption

Severity: HIGH

Description:

There exists a memory corruption vulnerability in Apple QuickTime. The flaw is due to boundary errors when processing QuickTime Movie files. A remote attacker can exploit this vulnerability by enticing the target user to open a crafted QuickTime Movie file. Successful exploitation may lead to arbitrary code execution in the security context of the logged-in user. In an attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the current user. In an attack case where code injection is not successful, the affected Apple QuickTime process will terminate abnormally.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2007-4677
  • bugtraq: 26338

Affected Products:

  • Apple QuickTime Player 7.1.2
  • Apple QuickTime Player 7.1
  • Apple QuickTime Player 7.1.6
  • Apple QuickTime Player 7.1.4
  • Apple QuickTime Player 7.1.5
  • Apple QuickTime Player 7.0.3
  • Apple QuickTime Player 7.0.2
  • Apple QuickTime Player 7.2
  • Apple QuickTime Player 7.0.1
  • Apple QuickTime Player 7.1.3
  • Apple QuickTime Player 7.0.0
  • Apple QuickTime Player 7.0.4
  • Apple QuickTime Player 7.1.1

RADIUS:CLIENT-CERT-VERIF-BO - RADIUS: FreeRADIUS Client Certificate Verification Stack Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known flaw in FreeRADIUS Client Certificate Verification. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 55483
  • cve: CVE-2012-3547
  • url: http://www.debian.org/security/2012/dsa-2546
  • url: http://www.ubuntu.com/usn/usn-1585-1/

Affected Products:

  • freeradius 2.1.10
  • freeradius 2.1.11
  • freeradius 2.1.12

APP:GAME:CS-S-CONNECT - APP: Counter-Strike Source Client Connect

Severity: INFO

Description:

This signature detects a Counter-Strike Source Client Connect. Counter-Strike Source is a first-person shooter (FPS) game. This can be a violation of your organization's acceptable use policy. Blocking this connection prevents the user from playing on the server.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: http://www.counter-strike.net/

APP:ICECAST-BOF - APP: Icecast 2.0 Server Header Overwrite

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Icecast Server 2.0. Versions 2.0.1 and 2.0 are vulnerable. Attackers can remotely exploit this vulnerability by sending more than 31 headers in a request, allowing for complete control over the target computer.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: http://www.securiteam.com/exploits/6X00315BFM.html
  • bugtraq: 11271
  • url: http://www.securityfocus.com/archive/1/376708
  • cve: CVE-2004-1561

Affected Products:

  • Icecast 2.0.1
  • Icecast 2.0.0

SSL:VULN:SSL-CERT-OOB - SSL: OpenSSL X.509 IPAddressFamily Extension Parsing Out-of-Bounds Read

Severity: HIGH

Description:

An out-of-bounds read vulnerability has been reported in OpenSSL. A remote attacker could exploit this vulnerability by sending a crafted certificate to a vulnerable server. Successful exploitation of this vulnerability could lead to denial-of-service conditions on the target server.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-3735
  • bugtraq: 100515

HTTP:STC:ATLASSIAN-INFO-DIS - HTTP: Atlassian FishEye and Crucible mostActiveCommitters Information Disclosure

Severity: LOW

Description:

An information disclosure vulnerability has been reported in Atlassian FishEye and Crucible. Successful exploitation results in the disclosure of sensitive information such as email addresses.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: https://jira.atlassian.com/browse/cruc-8053
  • url: https://jira.atlassian.com/browse/fe-6892
  • cve: CVE-2017-9512

HTTP:STC:JAVA:MS-CVE-2017-8656 - HTTP: Microsoft Edge PreVisitCatch Uninitialized Memory Use

Severity: HIGH

Description:

An improper initialization of memory vulnerability has been reported in Chakra, Microsoft Edge's scripting engine. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page. Successful exploitation could lead to arbitrary code execution in the security context of the target user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 100033
  • url: https://bugs.chromium.org/p/project-zero/issues/detail?id=1266
  • cve: CVE-2017-8656

APP:MISC:TMCM-CM-TVCSC-SQLI - APP: Trend Micro Control Manager cmdHandlerTVCSCommander SQL Injection

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the Trend Micro Control Manager. Successful exploitation of this vulnerability, in conjunction with other vulnerabilities, could lead to code execution under the security context of the database.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-11383

SMB:MS-WIN-SEARCH-ID - SMB: Microsoft Windows Search Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability in the Search component of Microsoft Windows. Successful exploitation results in the disclosure of information which could be used to further compromise the user's system.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.1.110110719, mx-11.4, mx-16.1, srx-17.3, vmx-17.4, isg-3.4.139899, j-series-9.5, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 98826
  • cve: CVE-2017-8544

IKE:STRONGSWAN-GMP-DOS - IKE: strongSwan gmp Plugin Denial of Service

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability in strongSwan. Successful exploitation of this vulnerability could result in denial-of-service conditions on the target server.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 100492
  • cve: CVE-2017-11185

HTTP:STC:DL:CVE-2017-8682-EOP - HTTP: Microsoft Windows CVE-2017-8682 Elevation of Privileges

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Windows. A successful attack can lead to elevation of privileges.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-8682

HTTP:APACHE:APACHE-REST-DE-SRL1 - HTTP: Apache Struts 2 REST Plugin XStreamHandler Insecure Deserialization

Severity: HIGH

Description:

An insecure deserialization vulnerability has been discovered in Apache Struts 2 REST Plugin. A remote attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation will allow an attacker to execute arbitrary code with the privileges of the server.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: https://lgtm.com/blog/apache_struts_cve-2017-9805
  • url: https://struts.apache.org/docs/s2-052.html
  • cve: CVE-2017-9805

HTTP:APACHE:APACHE-REST-DE-SRL2 - HTTP: Apache Struts2 REST Plugin XStreamHandler Insecure Deserialization

Severity: HIGH

Description:

An insecure deserialization vulnerability has been discovered in Apache Struts 2 REST Plugin. A remote attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation will allow an attacker to execute arbitrary code with the privileges of the server.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • cve: CVE-2017-9805

SSL:SSL-ALIENTVAULT-CMD-INJ - SSL: Alien Valut Command Injection

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against AlienVault USM and OSSIM. The vulnerability is due to a failure to sanitize input on requests to the get_fqdn function. Successful exploitation could result in arbitrary command execution with ROOT/SYSTEM privileges.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.1.110110719, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.4.0, isg-3.5.0, isg-3.4.139899, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, mx-11.4, isg-3.4.140032, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609, isg-3.5.141597, idp-5.1.110160603

References:

  • url: https://blogs.securiteam.com/index.php/archives/3085

DB:MS-SQL:XP_CMDSHELL-TDS - DB: MS-SQL XP_CMDSHELL Program Execution (TDS)

Severity: HIGH

Description:

This signature detects attempts to use the xp_cmdshell command in Microsoft SQL Servers. A successful attack can allow attackers to execute arbitrary code.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: http://www.cert.org/incident_notes/IN-2002-04.html

PORTMAPPER:ORACLE-SOLARIS-HBO - PORTMAPPER: Oracle Solaris RPC CVE-2017-3623 Heap Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in Oracle Solaris RPC. Successful exploitation could lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • bugtraq: 97778
  • url: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
  • cve: CVE-2017-3623

HTTP:ALIENTVAULT-CMD-INJ - HTTP: Alien Valut Command Injection

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against AlienVault USM and OSSIM. The vulnerability is due to a failure to sanitize input on requests to the get_fqdn function. Successful exploitation could result in arbitrary command execution with ROOT/SYSTEM privileges.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: https://blogs.securiteam.com/index.php/archives/3085

HTTP:MISC:TRENDMICRO-CMD-INJ - HTTP: Trend Micro Command Injection In HTTP Variables

Severity: CRITICAL

Description:

This signature attempts to detect command injection in HTTP parameters. Successful exploitation by a remote user could lead to arbitrary command execution under the security context of the root user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

  • url: https://success.trendmicro.com/solution/1116749
  • url: http://www.zerodayinitiative.com/advisories/zdi-17-118/
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.