August 14, 2020

Language:

CamSA19-19: ក្រុមហ៊ុន Juniper Network ចេញផ្សាយអំពីការអាប់ដេតសន្តិសុខដើម្បីជួសជុលចំនុចខ្សោយជាច្រើនសម្រាប់ខែមេសា ឆ្នាំ២០១៩

១.ព័ត៌មានទូទៅ

ក្រុមហ៊ុន Juniper Networks ដែលត្រូបានស្គាល់ថាជាក្រុមហ៊ុនល្បីលប្បាញលក់ឧបករណ៍បណ្តាញមានដូចជា៖ routers, switches កម្មវិធីគ្រប់គ្រងបណ្តាញ និងសុវត្ថិភាពបណ្តាញ បានបញ្ចេញការអាប់ដេតនៃសន្តិសុខជាច្រើនដើម្បីដោះជួសជុលចំនុចខ្សោយនៅក្នុង ផលិតផល Juniper ផ្សេងៗ។ អ្នកវាយប្រហារពីចម្ងាយអាចវាយលុកលើចំនុចខ្សោយទាំងនេះ ដើម្បីគ្រប់គ្រងប្រព័ន្ធដែលរងផល ប៉ះពាល់។

២.ផលិតផលរងផលប៉ះពាល់

Status Version ID Title Views Last Updated 
 Published JSA10925 2019-04 Security Bulletin: Junos OS: Firewall filter terms named “internal-1” and “internal-2” being ignored (CVE-2019-0036) 6,233 9 hours ago
 Published JSA10936 2019-04 Security Bulletin: Junos OS: SRX5000 series: Kernel crash (vmcore) upon receipt of a specific packet on fxp0 interface (CVE-2019-0044) 4,900 13 hours ago
 Published JSA10920 2019-04 Security Bulletin: Junos OS: jdhcpd daemon memory consumption Denial of Service when receiving specific IPv6 DHCP packets. (CVE-2019-0031) 5,400 15 hours ago
 Published JSA10921 2019-04 Security Bulletin: Junos Space Service Now and Service Insight: Organization username and password stored in plaintext in log files. (CVE-2019-0032) 4,237 15 hours ago
 Published JSA10922 2019-04 Security Bulletin: SRX Series: A remote attacker may cause a high CPU Denial of Service to the device when proxy ARP is configured. (CVE-2019-0033) 5,420 15 hours ago
 Published JSA10923 2019-04 Security Bulletin: Junos OS: gRPC hardcoded credentials may allow unauthorized access to systems with Junos Network Agent installed (CVE-2019-0034) 5,387 15 hours ago
 Published JSA10924 2019-04 Security Bulletin: Junos OS: ‘set system ports console insecure’ allows root password recovery on OAM volumes (CVE-2019-0035) 4,838 15 hours ago
 Published JSA10926 2019-04 Security Bulletin: Junos OS: jdhcpd crash upon receipt of crafted DHCPv6 solicit message (CVE-2019-0037) 4,611 15 hours ago
 Published JSA10927 2019-04 Security Bulletin: SRX Series: Crafted packets destined to fxp0 management interface on SRX340/SRX345 devices can lead to DoS (CVE-2019-0038) 4,505 15 hours ago
 Published JSA10928 2019-04 Security Bulletin: Junos OS: Login credentials are vulnerable to brute force attacks through the REST API (CVE-2019-0039) 5,215 15 hours ago
 Published JSA10929 2019-04 Security Bulletin: Junos OS: Specially crafted packets sent to port 111 on any interface triggers responses from the management interface (CVE-2019-0040) 4,105 15 hours ago
 Published JSA10930 2019-04 Security Bulletin: QFX5000 Series, EX4300, EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process (CVE-2019-0008) 4,529 15 hours ago
 Published JSA10931 2019-04 Security Bulletin: Junos OS: BGP packets can trigger rpd crash when BGP tracing is enabled. (CVE-2019-0019) 3,417 15 hours ago
 Published JSA10932 2019-04 Security Bulletin: Junos OS: RPD process crashes due to specific BGP peer restarts condition. (CVE-2019-0028) 3,604 15 hours ago
 Published JSA10933 2019-04 Security Bulletin: Junos OS: EX4300-MP Series: IP transit traffic can reach the control plane via loopback interface. (CVE-2019-0041) 2,379 15 hours ago

៣.ការណែនាំ

អភិបាលគ្រប់គ្រងទៅលើប្រព័ន្ធ និងអ្នកប្រើប្រាស់ផលិតផល Juniper គួរតែធ្វើការអាប់ដេតទៅកាន់កំណែចុងក្រោយបង្អស់ដើម្បីបង្កា មិនឱ្យមានការវាយលុកទៅលើ ចំនុចទាំងខ្សោយនេះ។

តំណភ្ជាប់ទៅកាន់ទំព័រនៃការអាប់ដេត

.ឯកសារពាក់ព័ន្ធ

***Disclaimer: CamCERT own some of the content. Our purpose is pure to help spread the awareness, tips or other information related to security to everyone. Even though every information is true, accurate, completed and appropriate, we make no responsibility nor warranty since everything could go wrong.