Rewterz Threat Advisory – Red Hat Update for flash-plugin – Information Disclosure Vulnerabilities

April 11, 2019

Rewterz Threat Advisory – Juniper SRX Series Proxy ARP Denial of Service Vulnerability

April 11, 2019

Rewterz Threat Advisory – Juniper Junos OS Firewall Filter Security Bypass Vulnerability

April 11, 2019

Severity

Medium

Analysis Summary

CVE-2019-0036

When configuring a stateless firewall filter in Junos OS, terms named using the format “internal-n” (e.g. “internal-1”, “internal-2”, etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results.

Impact

Security Bypass

Affected Vendors

Juniper

Affected Products

Juniper Junos OS 12.12.3 and prior
Juniper Junos OS 14.14.1X53 prior to 14.1X53-D130 and 14.1X53-D49
Juniper Junos OS 15.15.1 prior to 15.1F6-S12 and 15.1R7-S4
15.1X49 prior to 15.1X49-D161 and 15.1X49-D170
and 15.1X53 prior to 15.1X53-D236
15.1X53-D496 and 15.1X53-D69.

Remediation

Update or upgrade to version

14.1X53-D130, 14.1X53-D49, 15.1F6-S12, 15.1R7-S4, 15.1X49-D161, 15.1X49-D170, 15.1X53-D236, 15.1X53-D496, or 15.1X53-D69.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Threat Actors Abuse Gmail SMTP in Sophisticated Python Package Attack

DarkCrystal RAT aka DCRat – Active IOCs

Exploiting NodeJS Jenkins Agents for Remote Code Execution

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Red Hat Update for flash-plugin – Information Disclosure Vulnerabilities

Rewterz Threat Advisory – Juniper SRX Series Proxy ARP Denial of Service Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.