January 18, 2019

Language:

19-03: ក្រុមហ៊ុន Juniper Network ចេញផ្សាយអំពីការអាប់ដេតសន្តិសុខដើម្បីជួសជុលចំនុចខ្សោយជាច្រើន

១.ព័ត៌មានទូទៅ

ក្រុមហ៊ុន Juniper Networks ដែលត្រូបានគេស្គាល់ថាជាក្រុមហ៊ុនល្បីលប្បាញលក់ឧបករណ៍បណ្តាញមានដូចជា៖ routers, switches, កម្មវិធីគ្រប់គ្រងបណ្តាញ និងសុវត្ថិភាពបណ្តាញ បានបញ្ចេញការអាប់ដេតនៃសន្តិសុខជាច្រើនដើម្បីដោះជួសជុលចំនុចខ្សោយនៅក្នុងផលិតផល Juniper ផ្សេងៗ។ អ្នកវាយប្រហារពីចម្ងាយអាចវាយលុកលើចំនុចខ្សោយទាំងនេះ ដើម្បីគ្រប់គ្រងប្រព័ន្ធដែលរងផលប៉ះពាល់។

២.ផលិតផលរងផលប៉ះពាល់

Status Version ID Title Views Last Updated
Published JSA10913 2019-01 Security Bulletin: Junos OS: RPD crash upon receipt of malformed PIM packet (CVE-2019-0013) 6,359 7 hours ago
Published JSA10912 2019-01 Security Bulletin: Junos OS: rpd crash on VPLS PE upon receipt of specific BGP message (CVE-2019-0012) 5,684 7 hours ago
Published JSA10911 2019-01 Security Bulletin: Junos OS: Kernel crash after processing specific incoming packet to the out of band management interface (CVE-2019-0011) 6,329 7 hours ago
Published JSA10906 2019-01 Security Bulletin: Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration (CVE-2019-0006) 10,963 7 hours ago
Published JSA10905 2019-01 Security Bulletin: Junos OS: EX and QFX series: Stateless firewall filter ignores IPv6 extension headers (CVE-2019-0005) 6,853 10 hours ago
Published JSA10900 2019-01 Security Bulletin: Junos OS: MX Series: uncontrolled recursion and crash in Broadband Edge subscriber management daemon (bbe-smgd). (CVE-2019-0001) 10,713 1 day ago
Published JSA10901 2019-01 Security Bulletin: Junos OS: EX2300 and EX3400 series: Certain stateless firewall filter rules might not take effect (CVE-2019-0002) 7,495 1 day ago
Published JSA10902 2019-01 Security Bulletin: Junos OS: A flowspec BGP update with a specific term-order causes routing protocol daemon (rpd) process to crash with a core. (CVE-2019-0003) 8,978 1 day ago
Published JSA10903 2019-01 Security Bulletin: Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability (CVE-2019-0007) 6,436 1 day ago
Published JSA10904 2019-01 Security Bulletin: Junos OS: FreeBSD-SA-15:20.expat : Multiple integer overflows in expat (libbsdxml) XML parser (CVE-2015-1283) 8,067 1 day ago
Published JSA10907 2019-01 Security Bulletin: SRC Series: Multiple vulnerabilities in Juniper Networks Session and Resource Control (SRC) 5,272 1 day ago
Published JSA10909 2019-01 Security Bulletin: Junos OS: EX2300 and EX3400: High disk I/O operations may disrupt the communication between RE and PFE (CVE-2019-0009) 6,091 1 day ago
Published JSA10910 2019-01 Security Bulletin: Junos OS: SRX Series: Crafted HTTP traffic may cause UTM to consume all mbufs, leading to Denial of Service (CVE-2019-0010) 8,589 1 day ago
Published JSA10914 2019-01 Security Bulletin: Junos OS: QFX and PTX Series: FPC process crashes after J-Flow processes a malformed packet (CVE-2019-0014) 3,777 1 day ago
Published JSA10915 2019-01 Security Bulletin: Junos OS: SRX Series: Deleted dynamic VPN users are allowed to establish VPN connections until reboot (CVE-2019-0015) 4,612 1 day ag
Published JSA10916 2019-01 Security Bulletin: Junos OS: Multiple vulnerabilities in libxml2 7,632 1 day ago
Published JSA10917 2019-01 Security Bulletin: Junos Space: Multiple vulnerabilities resolved in 18.3R1 and 18.4R1 releases 5,208 1 day ago
Published JSA10918 2019-01 Security Bulletin: Juniper ATP: Multiple vulnerabilities resolved in 5.0.3 and 5.0.4 6,385 1 day ago
Published JSA10919 2019-01 Security Bulletin: Junos OS: OpenSSL Security Advisories [16 Apr 2018] and [12 June 2018] 5,843 1 day ago

៣.ការណែនាំ

អភិបាលគ្រប់គ្រងទៅលើប្រព័ន្ធ និងអ្នកប្រើប្រាស់ផលិតផល Juniper គួរតែធ្វើការអាប់ដេតទៅកាន់កំណែចុងក្រោយបង្អស់ ដើម្បីការមិនឱ្យមានការវាយលុកទៅលើចំនុចខ្សោយនេះ។

តំណភ្ជាប់ទៅកាន់ទំព័រនៃការអាប់ដេត

៤.ឯកសារពាក់ព័ន្ធ

  • https://www.us-cert.gov/ncas/current-activity/2019/01/09/Juniper-Networks-Releases-Multiple-Security-Updates
  • https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES