Juniper ScreenOS 6.3.x < 6.3.0r24 SSL Death Alert (JSA10808)
High Nessus Plugin ID 103925
SynopsisThe remote host is affected by a TLS/SSL vulnerability.
DescriptionThe version of Juniper ScreenOS running on the remote host is 6.3.x prior to 6.3.0r24. It is, therefore, affected by a vulnerability in the way the TLS/SSL protocol specifies processing of ALERT packets during a connection handshake.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Juniper ScreenOS version 6.3.0r24 or later. Alternatively, apply the workaround referenced in the vendor's advisory.