Detections
Analytics

Juniper NetScreen Security Manager (NSM) guiSrv/devSrv Crafted String Remote DoS

high Nessus Plugin ID 20388

Language:

Synopsis

The remote server is affected by a remote denial of service flaw.

Description

The version of Juniper NetScreen-Security Manager (NSM) installed on the remote host may allow an attacker to deny service to legitimate users using specially crafted long strings to the guiSrv and devSrv processes. A watchdog service included in Juniper NSM, though, automatically restarts the application.

By repeatedly sending a malformed request, an attacker may permanently deny access to legitimate users.

Solution

Upgrade to Juniper NSM version 2005.1

See Also

https://seclists.org/fulldisclosure/2005/Dec/1304

http://www.juniper.net/customers/support/products/nsm.jsp

Plugin Details

Severity: High

ID: 20388

File Name: nsm2004_dos.nasl

Version: 1.18

Type: remote

Family: Firewalls

Published: 1/10/2006

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 12/27/2005

Reference Information

CVE: CVE-2005-4587

BID: 16075