Juniper Junos J-Web URL Encoding Heap-Based Buffer Overflow (PSN-2013-01-807)
Critical Nessus Plugin ID 63519
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Junos device has a heap-based buffer overflow in the J-Web component. Sending an unspecified request related to URL encoding can corrupt heap memory. A remote, unauthenticated attacker could exploit this to execute arbitrary code.
SolutionApply the relevant Junos upgrade referenced in Juniper advisory PSN-2013-01-807.