Juniper ScreenOS 6.3.0r20 SSH ssh-pka SSH Negotiation RCE (JSA10712)
Critical Nessus Plugin ID 87539
SynopsisThe remote host is affected by a remote code execution vulnerability.
DescriptionThe remote host is running Juniper ScreenOS version 6.3.0r20. It is, therefore, affected by a remote code execution vulnerability due to improper handling of specially crafted SSH negotiations when ssh-pka is configured. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code.
SolutionUpgrade to Juniper ScreenOS 6.3.0r21 or later.