Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3456 (01/13/2022)

2 new signatures:

MEDIUMHTTP:OVERFLOW:DOPSFT-XLS-MULHTTP: Delta Industrial Automation DOPSoft XLS Multiple Buffer Overflow
MEDIUMHTTP:CTS:IVANTI-AVA-ES-CMD-INJHTTP: Ivanti Avalanche Enterprise Service Command Injection

1 updated signature:

HIGHHTTP:DIR:NOVELL-GROUPWSE-DIRTRAHTTP: Novell GroupWise Admin Service FileUploadServlet Directory Traversal


Details of the signatures included within this bulletin:


HTTP:DIR:NOVELL-GROUPWSE-DIRTRA - HTTP: Novell GroupWise Admin Service FileUploadServlet Directory Traversal

Severity: HIGH

Description:

This signature detects directory traversal attempts in Administration Service of Novell GroupWise 2014.A successful attack can lead to gain access to restricted files. This may lead to disclosure of sensitive information.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-12.3, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.3, srx-branch-12.3, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2014-0600

HTTP:OVERFLOW:DOPSFT-XLS-MUL - HTTP: Delta Industrial Automation DOPSoft XLS Multiple Buffer Overflow

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Delta Industrial Automation DOPSoft. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-12.3, srx-12.3, srx-branch-12.3, vsrx-12.1, vsrx-15.1

References:

  • url: http://www.zerodayinitiative.com/advisories/ZDI-21-956/
  • url: http://www.zerodayinitiative.com/advisories/ZDI-21-957/
  • cve: CVE-2021-38406
  • url: http://www.zerodayinitiative.com/advisories/ZDI-21-960/

Affected Products:

  • Deltaww dopsoft 2.00-2.00.07

HTTP:CTS:IVANTI-AVA-ES-CMD-INJ - HTTP: Ivanti Avalanche Enterprise Service Command Injection

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Ivanti Avalanche Enterprise Service. A successful attack can lead to command injection and arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-12.3, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.3, srx-branch-12.3, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2021-42129

Affected Products:

  • Ivanti avalanche
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out