Juniper NetScreen ScreenOS 3.0.1 r2

CPE Details

Juniper NetScreen ScreenOS 3.0.1 r2
juniper
netscreen_screenos
3.0.1r2
2007-08-23
19h16 +00:00
2008-04-07
12h15 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:juniper:netscreen_screenos:3.0.1r2:*:*:*:*:*:*:*

Informations

Vendor

juniper

Product

netscreen_screenos

Version

3.0.1r2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2008-6096 2009-02-09 16h00 +00:00 Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page.
4.3
CVE-2002-2150 2005-11-16 21h17 +00:00 Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
5
CVE-2005-2640 2005-08-20 02h00 +00:00 Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
5
CVE-2004-1446 2005-02-13 04h00 +00:00 Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet.
5
CVE-2002-1547 2004-09-01 02h00 +00:00 Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144.
5
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.