Juniper IVE OS Unintentionally Trusted Certificate Authorities

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version, the version of IVE OS running
on the remote host has an insecure SSL configuration. Internal and
development Certificate Authorities (CAs) used by Juniper during testing
were mistakenly included and explicitly trusted in public releases of
IVE OS. A man-in-the-middle attacker with access to these CAs could
exploit this to compromise the confidentiality and integrity of SSL
connections without being detected.

This plugin determines whether or not the system is vulnerable solely by
checking the OS version. It does not check whether the workaround in
Juniper Security Advisory JSA10571 has been applied.
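The version-only check described above, written out as an added example in Python (this is not the plugin's own NASL code). It assumes the IVE OS version string has the shape "<major>.<minor>r<release>" with an optional ".<build>" suffix, such as "7.1r6" or "7.1r7.1"; that shape and the sample host inventory are constructed for illustration. The fixed release 7.1r7 comes from the Solution section. The example compares version components numerically, so "7.1r10" correctly sorts after "7.1r7", and it reports an unparseable version as "unknown" rather than silently calling it patched, which is the failure mode a version-only check most needs to guard against.

```python
import re

# Fixed release named in the Solution section: IVE OS 7.1r7.
FIXED_VERSION = "7.1r7"

# Assumed version string shape (an assumption, not taken from the plugin):
# "<major>.<minor>r<release>", optionally followed by ".<build>" and any
# trailing text, e.g. "7.1r6", "7.1r7.1", "7.1r7 (build 1234)".
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)r(\d+)(?:\.(\d+))?")


def parse_ive_version(text):
    """Return a comparable tuple (major, minor, release, build), or None
    when the string does not look like an IVE OS version."""
    m = _VERSION_RE.match(text)
    if not m:
        return None
    major, minor, release, build = m.groups()
    # A missing build component is treated as build 0.
    return (int(major), int(minor), int(release), int(build or 0))


def is_vulnerable(version_text, fixed=FIXED_VERSION):
    """True when the self-reported version is older than the fixed release.

    Like the plugin, this looks only at the version; it cannot tell whether
    the JSA10571 workaround has been applied. Tuple comparison is numeric
    per component, so 7.1r10 is newer than 7.1r7 (a plain string compare
    would get that wrong).
    """
    parsed = parse_ive_version(version_text)
    if parsed is None:
        raise ValueError(f"unrecognised IVE OS version string: {version_text!r}")
    return parsed < parse_ive_version(fixed)


def triage(hosts):
    """Classify a hostname -> self-reported-version mapping.

    Returns hostname -> "vulnerable" | "patched" | "unknown". Unparseable
    versions are surfaced as "unknown" so they are reviewed by hand instead
    of disappearing from the report as if they were patched.
    """
    result = {}
    for host, version in hosts.items():
        try:
            result[host] = "vulnerable" if is_vulnerable(version) else "patched"
        except ValueError:
            result[host] = "unknown"
    return result


if __name__ == "__main__":
    # Constructed sample inventory, not real scan data.
    sample_hosts = {
        "sa-gw-01": "7.1r6",
        "sa-gw-02": "7.1r7",
        "sa-gw-03": "7.1r10",
        "sa-gw-04": "6.5r12.1",
        "sa-gw-05": "unknown-banner",
    }
    for host, status in sorted(triage(sample_hosts).items()):
        print(f"{host}: {sample_hosts[host]} -> {status}")
```

Hosts reported as "unknown" should be checked manually, as should any host reported "vulnerable" that is believed to carry the JSA10571 workaround, since neither this check nor the plugin can see the workaround.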

See also :

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10571

Solution :

Upgrade to IVE OS 7.1r7 or later, or use the workaround listed in
Juniper Security Advisory JSA10571.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 3.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 69183

Bugtraq ID: 60521

CVE ID: