September 22, 2019

Language:

CamSA19-19: ក្រុមហ៊ុន Juniper Network ចេញផ្សាយអំពីការអាប់ដេតសន្តិសុខដើម្បីជួសជុលចំនុចខ្សោយជាច្រើនសម្រាប់ខែមេសា ឆ្នាំ២០១៩

១.ព័ត៌មានទូទៅ

ក្រុមហ៊ុន Juniper Networks ដែលត្រូបានស្គាល់ថាជាក្រុមហ៊ុនល្បីលប្បាញលក់ឧបករណ៍បណ្តាញមានដូចជា៖ routers, switches កម្មវិធីគ្រប់គ្រងបណ្តាញ និងសុវត្ថិភាពបណ្តាញ បានបញ្ចេញការអាប់ដេតនៃសន្តិសុខជាច្រើនដើម្បីដោះជួសជុលចំនុចខ្សោយនៅក្នុង ផលិតផល Juniper ផ្សេងៗ។ អ្នកវាយប្រហារពីចម្ងាយអាចវាយលុកលើចំនុចខ្សោយទាំងនេះ ដើម្បីគ្រប់គ្រងប្រព័ន្ធដែលរងផល ប៉ះពាល់។

២.ផលិតផលរងផលប៉ះពាល់

Status Version ID Title Views Last Updated 
 Published JSA10925 2019-04 Security Bulletin: Junos OS: Firewall filter terms named “internal-1” and “internal-2” being ignored (CVE-2019-0036) 6,233 9 hours ago
 Published JSA10936 2019-04 Security Bulletin: Junos OS: SRX5000 series: Kernel crash (vmcore) upon receipt of a specific packet on fxp0 interface (CVE-2019-0044) 4,900 13 hours ago
 Published JSA10920 2019-04 Security Bulletin: Junos OS: jdhcpd daemon memory consumption Denial of Service when receiving specific IPv6 DHCP packets. (CVE-2019-0031) 5,400 15 hours ago
 Published JSA10921 2019-04 Security Bulletin: Junos Space Service Now and Service Insight: Organization username and password stored in plaintext in log files. (CVE-2019-0032) 4,237 15 hours ago
 Published JSA10922 2019-04 Security Bulletin: SRX Series: A remote attacker may cause a high CPU Denial of Service to the device when proxy ARP is configured. (CVE-2019-0033) 5,420 15 hours ago
 Published JSA10923 2019-04 Security Bulletin: Junos OS: gRPC hardcoded credentials may allow unauthorized access to systems with Junos Network Agent installed (CVE-2019-0034) 5,387 15 hours ago
 Published JSA10924 2019-04 Security Bulletin: Junos OS: ‘set system ports console insecure’ allows root password recovery on OAM volumes (CVE-2019-0035) 4,838 15 hours ago
 Published JSA10926 2019-04 Security Bulletin: Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message (CVE-2019-0037) 4,611 15 hours ago
 Published JSA10927 2019-04 Security Bulletin: SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS (CVE-2019-0038) 4,505 15 hours ago
 Published JSA10928 2019-04 Security Bulletin: Junos OS: Login credentials are vulnerable to brute force attacks through the REST API (CVE-2019-0039) 5,215 15 hours ago
 Published JSA10929 2019-04 Security Bulletin: Junos OS: Specially crafted packets sent to port 111 on any interface triggers responses from the management interface (CVE-2019-0040) 4,105 15 hours ago
 Published JSA10930 2019-04 Security Bulletin: QFX5000 Series, EX4300, EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process (CVE-2019-0008) 4,529 15 hours ago
 Published JSA10931 2019-04 Security Bulletin: Junos OS: BGP packets can trigger rpd crash when BGP tracing is enabled. (CVE-2019-0019) 3,417 15 hours ago
 Published JSA10932 2019-04 Security Bulletin: Junos OS: RPD process crashes due to specific BGP peer restarts condition. (CVE-2019-0028) 3,604 15 hours ago
 Published JSA10933 2019-04 Security Bulletin: Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface. (CVE-2019-0041) 2,379 15 hours ago

៣.ការណែនាំ

អភិបាលគ្រប់គ្រងទៅលើប្រព័ន្ធ និងអ្នកប្រើប្រាស់ផលិតផល Juniper គួរតែធ្វើការអាប់ដេតទៅកាន់កំណែចុងក្រោយបង្អស់ដើម្បីបង្កា មិនឱ្យមានការវាយលុកទៅលើ ចំនុចទាំងខ្សោយនេះ។

តំណភ្ជាប់ទៅកាន់ទំព័រនៃការអាប់ដេត

.ឯកសារពាក់ព័ន្ធ