 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.106042 |
| Category: | JunOS Local Security Checks |
| Title: | Juniper Networks Junos OS FTPS-Extensions Vulnerability |
| Summary: | Junos OS is prone to a vulnerability in BFD daemon. |
| Description: | Summary: Junos OS is prone to a vulnerability in BFD daemon. Vulnerability Insight: The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration. Vulnerability Impact: An unauthenticated remote attacker may cause to expose TCP ports for arbitrary data channels. Affected Software/OS: Junos OS 12.1, 12.3, 15.1 Solution: New builds of Junos OS software are available from Juniper. As a workaround do not enable 'ftps-extentions' options if FTPS is not needed. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-5361 https://kb.juniper.net/JSA10706 |
| Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |