Juniper Junos SRX Series FTP ALG ftps-extension TCP Port Exposure (JSA10706)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Juniper
Junos SRX series device is affected by a flaw in handling the
ftps-extension option when the SRX secures the FTPS server. An
unauthenticated, remote attacker can exploit this flaw to expose TCP
ports for arbitrary data channels.

Note that this issue only affects devices with the FTP Application
Layer Gateway (ALG) enabled with the ftps-extensions option.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10706

Solution :

Apply the relevant Junos software release or workaround referenced in
Juniper advisory JSA10706.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)

Family: Junos Local Security Checks

Nessus Plugin ID: 86607 ()

Bugtraq ID:

CVE ID: CVE-2015-5361

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now