Juniper Junos Space < 15.1R2 Multiple Vulnerabilities (JSA10727) (Bar Mitzvah) (Logjam)

high Nessus Plugin ID 91779

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the version of Junos Space running on the remote device is prior to 15.1R2. It is, therefore, affected by multiple vulnerabilities:

- A flaw exists in the JCE component in the Oracle Java runtime due to various cryptographic operations using non-constant time comparisons. An unauthenticated, remote attacker can exploit this, via timing attacks, to disclose potentially sensitive information. (CVE-2015-2601)

- A flaw exists in the JCE component in the Oracle Java runtime, within the ECDH_Derive() function, due to missing EC parameter validation when performing ECDH key derivation. A remote attacker can exploit this to disclose potentially sensitive information. (CVE-2015-2613)

- A flaw exists in the JSSE component in the Oracle Java runtime, related to performing X.509 certificate identity checks, that allows a remote attacker to disclose potentially sensitive information. (CVE-2015-2625)

- A NULL pointer dereference flaw exists in the Security component in the Oracle Java runtime, which is related to the GCM (Galois Counter Mode) implementation when performing encryption using a block cipher in GCM mode. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2015-2659)

- A security feature bypass vulnerability exists, known as Bar Mitzvah, due to improper combination of state data with key data by the RC4 cipher algorithm during the initialization phase. A man-in-the-middle attacker can exploit this, via a brute-force attack using LSB values, to decrypt the traffic. (CVE-2015-2808)

- A man-in-the-middle vulnerability, known as Logjam, exists due to a flaw in the SSL/TLS protocol. A remote attacker can exploit this flaw to downgrade connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. (CVE-2015-4000)

- A flaw exists in the Security component in the Oracle Java runtime when handling Online Certificate Status Protocol (OCSP) responses with no 'nextUpdate' date specified. A remote attacker can exploit this to cause a revoked X.509 certificate to be accepted. (CVE-2015-4748)

- A flaw exists in the JNDI component in the Oracle Java runtime, within the DnsClient::query() function, due to a failure by DnsClient exception handling to release request information. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2015-4749)

Solution

Upgrade to Junos Space version 15.1R2 or later.

See Also

http://www.nessus.org/u?a84b985b

http://www.nessus.org/u?4bbf45ac

https://weakdh.org/

Plugin Details

Severity: High

ID: 91779

File Name: juniper_space_jsa10727.nasl

Version: 1.6

Type: local

Published: 6/23/2016

Updated: 12/5/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:juniper:junos_space

Required KB Items: Host/Junos_Space/version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/13/2016

Vulnerability Publication Date: 1/19/2015

Reference Information

CVE: CVE-2015-2601, CVE-2015-2613, CVE-2015-2625, CVE-2015-2659, CVE-2015-2808, CVE-2015-4000, CVE-2015-4748, CVE-2015-4749

BID: 73684, 74733, 75854, 75867, 75871, 75877, 75890, 75895

JSA: JSA10727