Juniper Junos debug.php J-Web Component Unauthenticated Debug Access (PSN-2011-02-158)
Medium Nessus Plugin ID 55940
SynopsisThe remote device has debugging features enabled.
DescriptionAccording to its self-reported version number, the remote device is running a version of Junos with a vulnerable J-Web component.
The 'debug.php' file was inadvertently included with this Junos release. This file enables unspecified debugging functions and output.
A remote, unauthenticated attacker could exploit this to have unspecified impact on confidentiality and integrity.
SolutionApply the relevant Junos upgrade referenced in Juniper advisory PSN-2011-02-158.