Juniper signatures

Subscribe to Juniper signatures hírcsatorna Juniper signatures
Juniper RSS Feed
Frissítve: 58 perc 15 másodperc
2019. március 21.

Signature Update #3155

Signature Update #3155

8 new signatures:

HIGH HTTP:ORACLE:EBS-OPENRDRHTTP: Oracle E-Business Suite Open RedirectMEDIUM HTTP:INFO-LEAK:CITRIX-CC-IDHTTP: Citrix Command Center Information DisclosureMEDIUM HTTP:DIR:SEGATE-MEDIA-LFIHTTP: Seagate Media Server Path TraversalMEDIUM HTTP:INFO-LEAK:DT-DT80DEX-IDHTTP: DataTaker DT80 dEX Sensitive Configurations ExposureMEDIUM HTTP:INFO-LEAK:PENTAHO-BAPDI-IDHTTP: Pentaho BA Suite PDI Information DisclosureMEDIUM HTTP:INFO:SPLUNK-IDHTTP: Splunk Information DisclosureMEDIUM HTTP:MISC:DELL-EMC-ACCESSHTTP: Dell EMC Avamar and Integrated DPA Installation Manager Information DisclosureMEDIUM HTTP:MISC:FAT-FREE-CRM-CSRFHTTP: Fat Free CRM Cross Site Request Forgery

2 updated signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 19.

Signature Update #3154

Signature Update #3154

6 new signatures:

MEDIUM HTTP:PHP:JOOMLA-SIMPLEFILEUPLDHTTP: Joomla mod simplefileupload Arbitrary File UploadHIGH HTTP:BIT-COIN-MININGHTTP: Bit-Coin Cryptocurrency MiningMEDIUM HTTP:DIR:MADDASH-WEBHTTP: MaDDash Multiple Directory Listing VulnerabilitiesHIGH HTTP:MISC:DOCKER-API-CEHTTP:Docker API Remote Code ExecutionMEDIUM HTTP:INFO-LEAK:DLINK-DIR-601-IDHTTP: D-link DIR-601 CVE-2018-5708 Information DisclosureHIGH HTTP:PHP:PRESTA-PSMODHTTP: Prestashop psmodthemeoptionpanel Arbitrary File Upload

1 renamed signature.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 18.

Signature Update #3153

Signature Update #3153

There were no updates in this release.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 15.

Signature Update #3152

Signature Update #3152

9 new signatures:

HIGH HTTP:STC:ADOBE:CVE-2019-7084-CEHTTP: Adobe Acrobat Reader CVE-2019-7084 Remote Code ExecutionMEDIUM HTTP:STC:ADOBE:CVE-2019-7074-IDHTTP: Adobe Acrobat Reader CVE-2019-7074 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7076-CEHTTP: Adobe Pdf CVE-2019-7076 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7072-CEHTTP: Adobe Acrobat Reader CVE-2019-7072 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7052-CEHTTP: Adobe Pdf CVE-2019-7052 Remote Code ExecutionMEDIUM HTTP:STC:ADOBE:CVE-2019-7021-IDHTTP: Adobe Pdf CVE-2019-7021 Information DisclosureMEDIUM HTTP:STC:ADOBE:CVE-2019-7032-IDHTTP: Adobe Pdf CVE-2019-7032 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7042N3HTTP: Adobe Reader CVE-2019-7042/3 Remote Code ExecutionMEDIUM HTTP:STC:ADOBE:CVE-2019-7034-IDHTTP: Adobe Pdf CVE-2019-7034 Information Disclosure

2 new protocol anomalies:

MEDIUMHTTP:COMPRESS:ENCODINGHTTP: Compress-EncodingMEDIUMHTTP:INVALID:ENCODINGHTTP: Invalid Encoding Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 14.

Signature Update #3151

Signature Update #3151

32 new signatures:

HIGH HTTP:MISC:SONATYPE-REPO-CMDINJHTTP: Sonatype Nexus Repository Manager CVE-2019-7238 Expression Language InjectionHIGH DNS:BIND-EDNS-DOSDNS: ISC BIND EDNS0 Key-Tag Memory Leak Denial of ServiceHIGH RPC:DCERPC:CVE-2018-18999-BORPC: Advantech WebAccess SCADA BwPAlarm.dll Stack-based Buffer OverflowHIGH HTTP:DIR:WINRAR-ACEHTTP: RARLAB WinRAR ACE Directory TraversalHIGH HTTP:MISC:HPE-IMC-PF-RCEHTTP: HPE Intelligent Management Center Remote Code ExecutionHIGH APP:MISC:CVE-2019-6250-IN-OVERAPP: ZeroMQ libzmq v2_decoder Integer OverflowMEDIUM DNS:PHP-GET-RCRD-OBDNS: PHP dns_get_record Out of Bounds ReadHIGH HTTP:STC:MICROSOFT-GD-IDHTTP: Microsoft Graphics Device Interface CVE-2019-0619 Information DisclosureHIGH HTTP:CVE-2018-15711-PRI-ESCHTTP: Nagios XI API Key Regeneration Privilege EscalationHIGH HTTP:PHP:DRPL-CORE-RCE-LINKHTTP: Drupal Core Web Services Remote Code ExecutionHIGH HTTP:STC:IE:CVE-2018-8174-RCE-1HTTP: Microsoft Internet Explorer CVE-2018-8174 Remote Code Execution 1HIGH VNC:OVERFLOW:CVE-2018-20020-BOVNC: libVNC LibVNCClient CoRRE Heap-based Buffer OverflowHIGH HTTP:STC:IE:CVE-2018-8174-RCE-2HTTP: Microsoft Internet Explorer CVE-2018-8174 Remote Code Execution 2HIGH HTTP:STC:IE:CVE-2018-8174-RCE-3HTTP: Microsoft Internet Explorer CVE-2018-8174 Remote Code Execution 3HIGH HTTP:STC:CVE-2017-5375-RCE-1HTTP: Mozilla Firefox CVE-2017-5375 Remote Code Execution 1HIGH HTTP:STC:IE:CVE-2018-8174-RCE-4HTTP: Microsoft Internet Explorer CVE-2018-8174 Remote Code Execution 4HIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-1HTTP: Mozilla Firefox NotifyTimeChange Use After Free 1HIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-2HTTP: Mozilla Firefox NotifyTimeChange Use After Free 2HIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-3HTTP: Mozilla Firefox NotifyTimeChange Use After Free 3HIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-4HTTP: Mozilla Firefox NotifyTimeChange Use After Free 4HIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-5HTTP: Mozilla Firefox NotifyTimeChange Use After Free 5HIGH APP:MISC:RKWL-RRDATA-OFAPP: Rockwell Automation RSLinx Classic Forward Open Electronic Key Stack Buffer OverflowHIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-6HTTP: Mozilla Firefox NotifyTimeChange Use After Free 6HIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-7HTTP: Mozilla Firefox NotifyTimeChange Use After Free 7HIGH HTTP:STC:FF-NOTIFY-TM-CHANGE-8HTTP: Mozilla Firefox NotifyTimeChange Use After Free 8MEDIUM HTTP:APACHE:CVE-2018-11803-DOSHTTP: Apache Subversion mod_dav_svn Denial of ServiceHIGH SSL:VULN:CVE-2019-5010-DOSSSL: Python SSL X.509 DistributionPoint Extension NULL Pointer DereferenceHIGH HTTP:XSS:CISCO-ISEHTTP: Cisco Identity Services Engine 2.2 Cross Site ScriptingHIGH HTTP:STC:FOXIT-GETPAGE-UAFHTTP: Foxit Reader JavaScript getPageNumWords Use After FreeMEDIUM HTTP:STC:MICROSOFT-GDI-IDHTTP: Microsoft Graphics Device Interface CVE-2019-0602 Information DisclosureHIGH HTTP:MISC:LAQUIS-SCADA-CEHTTP: LAquis SCADA Web Server relatorionome NOME Command InjectionHIGH HTTP:XIPH-CAST-URL-AUTHHTTP: Xiph.org Icecast Server auth_url Stack Buffer Overflow

1 new protocol anomaly:

HIGHFTP:COMMAND:MULTISPACINGFTP: Multi-spacing

7 updated signatures.

2 renamed signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 13.

Signature Update #3150

Signature Update #3150

2 new signatures:

HIGH APP:MISC:CVE-2018-7114-BOAPP: HPE Intelligent Management Center dbman decryptMsgAes Stack Buffer OverflowHIGH HTTP:COLDFUSION:ADOBE-COLDF-CEHTTP: Adobe ColdFusion JavaAdapter JavaBeanAdapter Insecure Deserialization Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 12.

Signature Update #3149

Signature Update #3149

21 new signatures:

HIGH APP:MISC:MQTT-CSNTA-RCEAPP: Cesanta Mongoose 6.8 CVE-2017-2894 MQTT Remote Code Execution.MEDIUM APP:BOMB-SCTP-AMP-3APP: SCTP Bombing Attack Amplification 3MEDIUM HTTP:SQL:INJ:JMLA-HATHORHTTP: Joomla CVE-2018-6789 Hathor postinstall messageHIGH HTTP:STC:EDGE:CVE-2019-0592-MCHTTP: Microsoft Edge Chakra Scripting Engine CVE-2019-0592 Memory CorruptionHIGH HTTP:STC:IE:CVE-2019-0609-MCHTTP: Microsoft Scripting Engine CVE-2019-0609 Memory CorruptionHIGH HTTP:STC:IE:CVE-2019-0665-MCHTTP: Microsoft Internet Explorer CVE-2019-0665 Memory CorruptionHIGH IP:MS-IGMP-2007-0069-CEIP: Microsoft Windows Kernel Remote Code ExecutionHIGH HTTP:STC:IE:CVE-2019-0667-MCHTTP: Microsoft Internet Explorer CVE-2019-0667 Memory CorruptionMEDIUM APP:MISC:MQTT-TOPIC-ECLIPSEAPP: Eclipse Mosquitto CVE-2018-12543 Denial of ServiceHIGH HTTP:STC:IE:CVE-2019-0666-MCHTTP: Microsoft Scripting Engine CVE-2019-0666 Memory CorruptionMEDIUM HTTP:MISC:TREND-AUTH-BYPASSHTTP: TRENDnet Routers CVE-2018-7034 Authentication BypassHIGH HTTP:STC:IE:CVE-2019-0763-MCHTTP: Microsoft Internet Explorer CVE-2019-0763 Memory CorruptionHIGH HTTP:STC:EDGE:CVE-2019-0771-RCEHTTP: Microsoft Edge CVE-2019-0771 Remote Code ExecutionMEDIUM HTTP:STC:CVE-2019-0755-IDHTTP: Microsoft Windows Kernel CVE-2019-0755 Information DisclosureHIGH HTTP:STC:EDGE:CVE-2019-0769-MCHTTP: Microsoft Edge CVE-2019-0769 Scripting Engine Memory CorruptionHIGH HTTP:STC:EDGE:CVE-2019-0770-RCEHTTP: Microsoft Edge CVE-2019-0770 Remote Code ExecutionHIGH HTTP:STC:IE:CVE-2019-0680-MCHTTP: Microsoft Internet Explorer CVE-2019-0680 Memory CorruptionHIGH HTTP:APACHE:SOLR-LISTERNER-RCEHTTP: Apache Solr CVE-2017-12629 Remote Code ExecutionHIGH HTTP:STC:IE:CVE-2019-0639-MCHTTP: Microsoft Scripting Engine CVE-2019-0639 Memory CorruptionHIGH DOS:SOFTROS-NET-TM-SYS-11HTTP: Softros Network Time System CVE-2018-7658 Denial of ServiceHIGH HTTP:STC:IE:CVE-2019-0768-SBHTTP: Microsoft Windows IE CVE-2019-0768 Security Bypass

7 updated signatures.

1 renamed signature.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 8.

Signature Update #3148

Signature Update #3148

1 updated signature.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 7.

Signature Update #3147

Signature Update #3147

11 new signatures:

HIGH HTTP:STC:QNAP-MULTIPLE-RCE-CVEHTTP: QNAP Qcenter Virtual Appliance Multiple CVE's Remote Code ExecutionMEDIUM HTTP:INFO-LEAK:CVE-2017-14942IDHTTP: Roteador Intelbras WRN150 Wireless Routers Information DisclosureHIGH HTTP:MISC:CSRF-EHCPHTTP: Easy Hosting Control Panel CVE-2018-6458 Cross-Site Request ForgeryHIGH HTTP:PHP:FERRET-CMS-FILE-UPLOADHTTP: Ferret CMS CVE-2015-1371 File UploadHIGH HTTP:CTS-TYPE3-CMS-RCEHTTP: Typo3 CMS Phar Insecure Deserialization Remote Code ExecutionMEDIUM HTTP:DOS:CVE-2018-7254-DOSHTTP: Wavpack CVE-2018-7254 Denial of ServiceHIGH HTTP:WORDPRESS-WP-PRIV-ESCHTTP: WordPress WP Membership PluginHIGH HTTP:CVE-2015-2090-SQL-INJHTTP: Wordpress Survey and Poll Plugin CVE-2015-2090 SQL InjectionHIGH HTTP:CTS-HPE-IMC-RCEHTTP: HPE Intelligent Management Center iccSelectCommand Expression Language InjectionHIGH DHCP:RQST:CVE-2019-0626-RCEDHCP: Microsoft Windows DHCP Server Code ExecutionLOW SPYWARE:RAT:TROCHILUSRAT-BCONSPYWARE: TrochilusRAT Malware Binary Beacon Communication

5 updated signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 4.

Introducing Simplicity to Workload Diversity and Operational Uniformity

Introducing Simplicity to Workload Diversity and Operational Uniformity

Juniper Networks recently announced it has entered into an agreement to acquire Mist Systems. As Juniper’s CTO, I wanted to provide my thoughts about the technology synergies that underpin this move.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 4.

Juniper Networks Announces Intent to Acquire Mist Systems to Bring AI to IT, Delivering on Promise of Software-Defined Enterprise

Juniper Networks Announces Intent to Acquire Mist Systems to Bring AI to IT, Delivering on Promise of Software-Defined Enterprise

Today, we announced the next big step that Juniper Networks is taking in pursuit of a simpler IT experience. With our planned acquisition of Mist Systems, we are not only expanding our enterprise portfolio into the wireless arena, but also staking claim to AI-driven operations in the era of multicloud.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 4.

Security Monoculture Leads to Failure – Diversify and Scale with Juniper Connected Security

Security Monoculture Leads to Failure – Diversify and Scale with Juniper Connected Security

Information security is inextricable from all aspects of IT and it must include everything from cloud-based advanced threat prevention to physical switches that automatically quarantine infected devices.  Automating IT in order to simplify it, make it repeatable and allow multiple products to form a whole greater than any individual component, is the basis of Juniper Connected Security.

 

Juniper Connected Security combines inbuild detection of threats and the enforcement of policy with the capabilities of our partners to safeguard users, applications and infrastructure against advanced threats. Combining automation with a layered approach to defense provides our customers with the capabilities to answer both extant and emerging, internal and external threats. 

 

In the world of information security, some things are as much a certainty as death and taxes. These truisms have been discussed ad nauseam by security experts, vendors and even governments – the information security arms race, too much data, too many workloads and not enough skilled staff to manage it all. Add in a few regulations and organizations are at security overload.

 

Traditionally, these perpetual challenges have been used to push information security products by playing on our fears. The world is full of bogymen, it’s unpredictable and you probably don't have enough skilled people to defend your organization. Be afraid!

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. március 1.

Traffic Engineering Segment Routed Networks with NorthStar Controller

Traffic Engineering Segment Routed Networks with NorthStar Controller

Designing a network that provides optimal SLAs for its applications – bandwidth & latency guarantees, uptime and responsiveness - while reducing costs is a classic networking challenge. Historically, network planners have used sophisticated tools such as WANDL’s IP/MPLS View for capacity and scenario planning. Similarly, leading routing vendors have delivered real time end-to-end traffic engineering with built in CSPF (Constrained Shortest Path First) algorithms and RSVP-TE. These technologies have driven the growth of Internet and cloud applications by ensuring that cloud applications achieve desired network SLAs.

 

However, as cloud traffic continues to surge and new cloud services continue to go viral, network architectures must become simpler and more modular. New network architectures must allow more service customization and agility, while utilizing more cost effective routers/switches to transport ever increasing traffic economically. Most critically, network architectures must simplify operations.

 

Segment Routing (IETF name: SPRING) delivers network simplification by eliminating MPLS signaling protocols such as LDP and RSVP. It eliminates the hop-by-hop LSP path setup paradigm and allows the head-end router (or an application) to define the entire path for the application traffic by encoding path information in the packet itself. In this new SR paradigm, since the network contains no traffic engineering (TE) information, a Segment Routing (SR) controller is a must in order to ensure real time, end-to-end application level TE and SLA guarantees.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. február 28.

Signature Update #3146

Signature Update #3146

9 new signatures:

HIGH HTTP:CISCO:CISCO-EPC-MUL-DOSHTTP: Cisco EPC 3928 Multiple CVEs Denial of ServiceHIGH HTTP:CISCO:CISCO-EPC-CMD-INJHTTP: Cisco EPC 3928 CVE-2015-6401 Command InjectionMEDIUM TELNET:CISCO-ASA-PETELNET: Cisco Adaptive Security Appliance CVE-2016-6367 Privilege EscalationMEDIUM HTTP:INFO-LEAK:JOOMLA-PROCLAIMHTTP: Joomla Component Proclaim Backup File DownloadHIGH HTTP:ASUS-RT-G32-CSRFHTTP: Asus RT-G32 CVE-2015-2676 Cross Site Request ForgeryHIGH HTTP:CVE-2018-7664-CMD-INJHTTP: ClipBucket CVE-2018-7664 Command InjectionMEDIUM HTTP:MISC:DLINK-DIR8XX-CFG-IDHTTP: D-Link DIR-815 Routers Information DisclosureMEDIUM APP:MISC:DUALDESK-DOSAPP: DualDesk 20 CVE-2018-7583 Remote Denial Of ServiceMEDIUM HTTP:INFO-LEAK:HUMAX-HG100R-IDHTTP: Humax HG100R Wi-Fi Router CVE-2017-11435 Information Disclosure

1 deleted signature:

HIGHHTTP:OVERFLOW:AUTH-OVERFLOW HTTP: Authorization Header Overflow

1 deleted protocol anomaly:

MEDIUMHTTP:OVERFLOW:AUTH-OVFLW HTTP: Auth Overflow

5 updated signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. február 26.

Signature Update #3145

Signature Update #3145

45 new signatures:

HIGH HTTP:STC:CVE-2018-20250-RCEHTTP: RARLAB WinRAR ACE Remote Code ExecutionMEDIUM HTTP:INFO-LEAK:CVE-2018-18980XEHTTP: Zoho ManageEngine OpManager BusinessViewFlashImpl handleBVAction CVE-2018-18980 XXE Injection Information DisclosureHIGH APP:CVE-2018-14821-BOAPP: Rockwell Automation RSLinx Classic CIP SendRRData CVE-2018-14821 Heap Buffer OverflowHIGH HTTP:PALO-ALTO-PAN-OS-BOHTTP: Palo Alto Networks PanOS CVE-2016-9150 Buffer OverflowMEDIUM HTTP:CVE-2018-3956-INFO-DISHTTP: Foxit Reader and PhantomPDF XFA xdpContent Information DisclosureHIGH HTTP:TRND-MICRO-DDI-RCEHTTP: Trend Micro Deep Discovery Inspector CVE-2016-5840 Remote Code ExecutionMEDIUM HTTP:STC:ADOBE:CVE-2019-7063-IDHTTP: Adobe Pdf CVE-2019-7063 Information DisclosureHIGH HTTP:STC:CVE-2018-18993-BOHTTP: OMRON CX-One CX-Position cdmapi32 Stack-based Buffer OverflowHIGH DHCP:CVE-2019-0547-RCEDHCP: Microsoft Windows DHCP Client CVE-2019-0547 Remote Code ExecutionHIGH DHCP:RQST:CVE-2018-17161-BODHCP: FreeBSD bootpd Stack Buffer OverflowHIGH VNC:CVE-2018-6307-UAFVNC: libVNC LibVNCServer Tight File Transfer Extension CVE-2018-6307 Use After FreeMEDIUM HTTP:STC:DL:CVE-2019-0560-IDHTTP: Microsoft Office CVE-2019-0560 Information DisclosureMEDIUM DHCP:EXPLOIT:CVE-2018-20679-OBDHCP: BusyBox Project BusyBox udhcp Option CVE-2018-20679 Out of Bounds ReadMEDIUM HTTP:CTS-CVE-2018-18264-IN-DISHTTP: Kubernetes Dashboard Authentication Bypass Information DisclosureMEDIUM NTP:CVE-2019-6445-DOSNTP: NTPsec ntpd write_variables Denial of ServiceMEDIUM NTP:CVE-2019-6444-OBNTP: NTPsec ntpd process_control Out of Bounds ReadMEDIUM HTTP:STC:ADOBE:CVE-2019-7055-IDHTTP: Adobe Pdf CVE-2019-7055 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7057-IDHTTP: Adobe Reader CVE-2019-7057 Information DisclosureHIGH HTTP:STC:CVE-2018-16858-RCEHTTP: LibreOffice Macro Event Remote Code ExecutionHIGH HTTP:STC:SCRIPT:CVE-2019-7077CEHTTP: Adobe CVE-2019-7077 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7031-CEHTTP: Adobe Pdf CVE-2019-7031 Remote Code ExecutionHIGH HTTP:CVE-2018-20338-SQ-INJHTTP: Zoho ManageEngine OpManager Alarms Section SQL InjectionHIGH HTTP:STC:ADOBE:CVE-2019-7037-CEHTTP: Adobe Reader CVE-2019-7037 Remote Code ExecutionHIGH HTTP:STC:CVE-2019-0575-OBHTTP: Microsoft Windows JET Database Engine Physical Index Out-of-Bounds ReadHIGH HTTP:MISC:ZOHO-MIGRATIONSERV-CEHTTP: Zoho ManageEngine OpManager DataMigrationServlet Insecure DeserializationMEDIUM HTTP:STC:ADOBE:CVE-2019-7038-IDHTTP: Adobe Reader CVE-2019-7038 Information DisclosureMEDIUM HTTP:CVE-2018-19039-INFO-DISHTTP: Grafana Labs Grafana Direct Link Rendered Image Arbitrary File ReadHIGH HTTP:STC:ADOBE:CVE-2019-7018-CEHTTP: Adobe Acrobat Reader CVE-2019-7018 Remote Code ExecutionHIGH HTTP:STC:CVE-2019-0577-RCEHTTP: Microsoft Windows JET Database Engine CreateLvSMLocs Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7090-IDHTTP: Adobe Flash CVE-2019-7090 Information DisclosureMEDIUM HTTP:STC:ADOBE:CVE-2019-7067-IDHTTP: Adobe Reader CVE-2019-7067 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7048-CEHTTP: Adobe Pdf CVE-2019-7048 Remote Code ExecutionMEDIUM HTTP:STC:ADOBE:CVE-2019-7028-IDHTTP: Adobe Reader CVE-2019-7028 Information DisclosureMEDIUM HTTP:STC:ADOBE:CVE-2019-7024-IDHTTP: Adobe Pdf CVE-2019-7024 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7026-CEHTTP: Adobe Reader CVE-2019-7026 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7020-CEHTTP: Adobe Acrobat Reader CVE-2019-7020 Remote Code ExecutionMEDIUM HTTP:STC:ADOBE:CVE-2019-7022-IDHTTP: Adobe Pdf CVE-2019-7022 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7041-PEHTTP: Adobe Reader CVE-2019-7041 Privilege EscalationMEDIUM HTTP:STC:ADOBE:CVE-2019-7089-IDHTTP: Adobe Reader CVE-2019-7089 Information DisclosureMEDIUM HTTP:STC:ADOBE:CVE-2019-7045-IDHTTP: Adobe Reader CVE-2019-7045 Information DisclosureMEDIUM HTTP:STC:ADOBE:CVE-2019-7059-IDHTTP: Adobe Pdf CVE-2019-7059 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7075-CEHTTP: Adobe Reader CVE-2019-7075 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7073-CEHTTP: Adobe Flash Player CVE-2019-7073 Remote Code ExecutionMEDIUM HTTP:STC:DL:CVE-2019-7071-IDHTTP: Adobe CVE-2019-7071 Information DisclosureHIGH HTTP:STC:ADOBE:CVE-2019-7051-CEHTTP: Adobe Reader CVE-2019-7051 Remote Code Execution

1 deleted signature:

MEDIUMHTTP:STC:TOMCAT-CHUNKED-REQ-DOS HTTP: Apache Tomcat Chunked Request Handling Denial of Service

5 updated signatures.

7 renamed signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. február 21.

Signature Update #3144

Signature Update #3144

35 new signatures:

HIGH HTTP:STC:ADOBE:CVE-2019-7078-CEHTTP: Adobe CVE-2019-7078 Remote Code ExecutionMEDIUM HTTP:STC:CVE-2018-20247-DOSHTTP: Foxit Quick PDF Library CVE-2018-20247 Denial of ServiceHIGH HTTP:STC:ADOBE:CVE-2019-7054-CEHTTP: Adobe Reader CVE-2019-7054 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7056-CEHTTP: Adobe Reader CVE-2019-7056 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7033-CEHTTP: Adobe Acrobat Reader CVE-2019-7033 Remote Code ExecutionHIGH HTTP:STC:CVE-2017-5375-RCEHTTP: Mozilla Firefox CVE-2017-5375 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7030-CEHTTP: Adobe Reader CVE-2019-7030 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7036-CEHTTP: Adobe Reader CVE-2019-7036 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7035-CEHTTP: Adobe Reader CVE-2019-7035 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7039-CEHTTP: Adobe Reader CVE-2019-7039 Remote Code ExecutionHIGH SMTP:EXPLOIT:CVE-2018-8174-RCESMTP: Microsoft Internet Explorer VBScript Engine CVE-2018-8174 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7019-CEHTTP: Adobe Reader CVE-2019-7019 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7064-CEHTTP: Adobe Reader CVE-2019-7064 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7065-CEHTTP: Adobe Reader CVE-2019-7065 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7079-CEHTTP: Adobe Acrobat CVE-2019-7079 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7060-CEHTTP: Adobe Acrobat Reader CVE-2019-7060 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7085-CEHTTP: Adobe Acrobat CVE-2019-7085 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7049-CEHTTP: Adobe Acrobat Reader CVE-2019-7049 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7029-CEHTTP: Adobe Reader CVE-2019-7029 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7066-CEHTTP: Adobe Acrobat Reader CVE-2019-7066 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7025-CEHTTP: Adobe Reader CVE-2019-7025 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7027-CEHTTP: Adobe Reader CVE-2019-7027 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7023-CEHTTP: Adobe Reader CVE-2019-7023 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7046-CEHTTP: Adobe Reader CVE-2019-7046 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7062-CEHTTP: Adobe Reader CVE-2019-7062 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7086-CEHTTP: Adobe Acrobat CVE-2019-7086 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7087-CEHTTP: Adobe CVE-2019-7087 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7058-CEHTTP: Adobe Reader CVE-2019-7058 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7082-CEHTTP: Adobe Reader CVE-2019-7082 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7080-CEHTTP: Adobe Reader CVE-2019-7080 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7081-CEHTTP: Adobe Acrobat Reader CVE-2019-7081 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7068-CEHTTP: Adobe Reader CVE-2019-7068 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7070-CEHTTP: Adobe Acrobat CVE-2019-7070 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7050-CEHTTP: Adobe Reader CVE-2019-7050 Remote Code ExecutionHIGH HTTP:STC:ADOBE:CVE-2019-7053-CEHTTP: Adobe Acrobat Reader CVE-2019-7053 Remote Code Execution

8 updated signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. február 20.

Signature Update #3143

Signature Update #3143

6 new signatures:

HIGH HTTP:CVE-2018-18992-CMD-INJHTTP: LAquis SCADA Web Server acompanhamentotela PAGINA Command InjectionHIGH APP:CVE-2018-7115-BOAPP: HPE Intelligent Management Center dbman Stack Buffer Overflow 1MEDIUM HTTP:CVE-2018-17246-FIHTTP: Elastic Kibana server.js Local File InclusionHIGH APP:CVE-2018-1160-OBAPP: Netatalk dsi_opensession Attention Quantum Out-of-bounds WriteMEDIUM HTTP:PHP:PHPMYADMIN:FILE-INCHTTP: phpMyAdmin tbl_replace.php Local File InclusionMEDIUM HTTP:IBALL-ADSL-AUTH-BYPASSHTTP: iBall ADSL2+ CVE-2017-14244 Authentication Bypass

1 deleted signature:

MEDIUMHTTP:STC:APPLE-MUL-KERNEL-DOS HTTP: Apple Multiple Product Kernel TCP Out of Band Data Handling Denial of Service

1 updated signature.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. február 14.

Signature Update #3142

Signature Update #3142

7 new signatures:

MEDIUM SNMPTRAP:CVE-2015-6004-XSSSNMPTRAP: WhatsUpGold CVE-2015-6004 Cross Site ScriptingHIGH VNC:OVERFLOW:CVE-2018-15127-BOVNC: libVNC LibVNCServer File Transfer Extension CVE-2018-15127 Heap-based Buffer OverflowHIGH HTTP:ADOBE-FLASH-OVRFLW-OOBHTTP: Adobe Flash Player APSB18-08 Multiple Object OverflowMEDIUM HTTP:INFO-LEAK:CVE-2018-5724HTTP: Master IP CAM CVE-2018-5724 Information DisclosureHIGH HTTP:STC:CVE-2018-16873-RCEHTTP: Google Golang Get Remote Command ExecutionHIGH HTTP:ZIVIF-CMD-INJ-AUTH-BYHTTP: Zivif PR115-204-P-RS Multiple CVEs Command InjectionHIGH HTTP:UNITRENDS-AUTH-BY-RCEHTTP: Unitrends UEB CVE-2017-12478 Remote Code Execution

2 updated signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. február 12.

Signature Update #3141

Signature Update #3141

33 new signatures:

HIGH HTTP:STC:EDGE:CVE-2019-0642-RCEHTTP: Microsoft Edge CVE-2019-0642 Remote Code ExecutionHIGH HTTP:STC:EDGE:CVE-2019-0645-RCEHTTP: Microsoft Edge CVE-2019-0645 Remote Code ExecutionHIGH HTTP:STC:EDGE:CVE-2019-0590-RCEHTTP: Microsoft Edge CVE-2019-0590 Remote Code ExecutionHIGH HTTP:STC:DL:CVE-2019-0633-RCEHTTP: Microsoft Windows CVE-2019-0633 Remote Code ExecutionHIGH HTTP:STC:EDGE:CVE-2019-0640-RCEHTTP: Microsoft Edge CVE-2019-0640 Remote Code ExecutionMEDIUM HTTP:STC:DL:CVE-2019-0621-IDHTTP: Microsoft Windows NT CVE-2019-0621 Information DisclosureHIGH HTTP:STC:EDGE:CVE-2019-0651-RCEHTTP: Microsoft Edge CVE-2019-0651 Remote Code ExecutionHIGH HTTP:STC:EDGE:CVE-2019-0650-RCEHTTP: Microsoft Windows Edge CVE-2019-0650 Remote Code ExecutionMEDIUM HTTP:STC:IE:CVE-2019-0676-IDHTTP: Microsoft Internet Explorer CVE-2019-0676 Information DisclosureMEDIUM HTTP:STC:DL:CVE-2019-0636-IDHTTP: Microsoft Windows CVE-2019-0636 Information DisclosureHIGH HTTP:STC:EDGE:CVE-2019-0644-RCEHTTP: Microsoft Edge CVE-2019-0644 Remote Code ExecutionMEDIUM HTTP:STC:DL:CVE-2019-0661-IDHTTP: Microsoft Windows CVE-2019-0661 Information DisclosureMEDIUM HTTP:MISC:CVE-2018-11094-IDHTTP: Intelbras NCloud CVE-2018-11094 Information DisclosureHIGH HTTP:STC:IE:CVE-2019-0652-RCEHTTP: Microsoft Windows Edge CVE-2019-0652 Remote Code ExecutionHIGH HTTP:CONARC-ICHANNEL-DOSHTTP: CONARC iChannel CVE-2017-17759MEDIUM HTTP:STC:CVE-2018-8596-IDHTTP: Microsoft Windows Graphics Device Interface CVE-2018-8596 Information DisclosureHIGH HTTP:COMMVAULT-EDGE-RCEHTTP: Commvault Edge CVE-2017-3195 Remote Code ExecutionHIGH HTTP:QNAP-TVS-663-RCEHTTP: QNAP TVS-663 QTS CVE-2017-6361 Remote Code ExecutionHIGH HTTP:CLIPBUCKET-FILE-UPLOADHTTP: ClipBucket CVE-2018-7665 File UploadMEDIUM HTTP:NODE-NGHTTP2-DOSHTTP: Node.js Foundation nghttp2 nghttp2_frame_altsvc_free CVE-2018-1000168 Null Pointer DereferenceMEDIUM HTTP:PHP:CVE-2018-19970-XSSHTTP: phpMyAdmin Navigation-Tree Stored Cross-Site ScriptingHIGH HTTP:SQL:INJ:CVE-2018-20173HTTP: Zoho ManageEngine OpManager getGraphData SQL InjectionHIGH HTTP:STC:EDGE:CVE-2019-0593-RCEHTTP: Microsoft Edge CVE-2019-0593 Remote Code ExecutionMEDIUM HTTP:STC:DL:CVE-2019-0669-IDHTTP: Microsoft Excel CVE-2019-0669 Information DisclosureMEDIUM HTTP:STC:CVE-2019-0628-IN-DISHTTP: Microsoft Windows Driver CVE-2019-0628 Information DisclosureHIGH HTTP:STC:IE:CVE-2019-0606-CEHTTP: Microsoft Internet Explorer CVE-2019-0606 Memory CorruptionHIGH HTTP:STC:EDGE:CVE-2019-0591-CEHTTP: Microsoft Edge Scripting Engine CVE-2019-0591 Memory CorruptionHIGH HTTP:STC:EDGE:CVE-2019-0655-RCEHTTP: Microsoft Edge CVE-2019-0655 Remote Code ExecutionHIGH HTTP:STC:EDGE:CVE-2019-0648-SBHTTP: Microsoft Window's Edge CVE-2019-0648 Security BypassHIGH HTTP:STC:DL:CVE-2019-0656-EPHTTP: Microsoft Windows Kernel CVE-2019-0656 Elevation of PrivilegeHIGH HTTP:STC:EDGE:CVE-2019-0610-RCEHTTP: Microsoft Edge CVE-2019-0610 Remote Code ExecutionHIGH HTTP:STC:EDGE:CVE-2019-0658BYPSHTTP: Microsoft Edge CVE-2019-0658 Security BypassHIGH HTTP:STC:EDGE:CVE-2019-0607-RCEHTTP: Microsoft Edge CVE-2019-0607 Remote Code Execution

1 new protocol anomaly:

MEDIUMMS-RPC:EPM-INVALID-OPMS-RPC:EPM Invalid Operation

4 deleted signatures:

MEDIUMHTTP:APACHE:LONG-HEADER-DOS HTTP: Apache Overly Long Header Denial of ServiceHIGHHTTP:MISC:NGINX-CHUNK-TRANS-DOS HTTP: Nginx Chunked Transfer Parsing Denial of ServiceHIGHAPP:DIGIUM-ASTERISK-COOKIE-OF APP: Digium Asterisk Cookie Stack OverflowHIGHHTTP:CHKP:AUTH-HDR-BOF HTTP: Checkpoint Auth Buffer Overflow

4 updated signatures.

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences

                   
2019. február 12.

5G-Ready Network Today Requires a Secure, Automated Cloud Architecture

5G-Ready Network Today Requires a Secure, Automated Cloud Architecture

Imagine playing an immersive VR video game on your cell phone with friends around the world, in real time, with zero delays, while traveling in a self-driving car. It’s not that far-fetched: this is just one of the many possible scenarios that the future holds with the emergence of 5G. The potential pace, scale and economic growth enabled by 5G will result in another technology revolution that will transform humanity as we know it.

 

If you think that’s hyperbole, let’s take a look at how previous generations of mobility have affected our lives. First-generation (1G) mobility liberated us from being tethered to a fixed location like a telephone booth. Second-generation (2G) mobility introduced technologies like short message service (SMS) allowing us to communicate via text while on the move. Third-generation (3G) mobility, much like 1G, freed internet access from the shackles of a fixed location, propelling us into the mobile internet age. And fourth-generation (4G) mobility, also known as LTE, saw 3G mature into a vital enabler of the global, digital economy. If 4G matured mobility into adulthood, what new groundbreaking innovations will 5G unlock for mankind?

Copyright © 1996-2019 Juniper Networks, Inc.     All rights reserved                                                                                      Update preferences