====================================================================

                              CERT-Renater

                 Note d'Information No. 2017/VULN234
_____________________________________________________________________

DATE                : 18/08/2017

HARDWARE PLATFORM(S):  /

OPERATING SYSTEM(S): Junos OS versions 14.1X53, 14.2, 15.1, 15.1X49,
                                    15.1X53.

=====================================================================
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10803
____________________________________________________________________

2017-07 Security Bulletin: Junos OS: buffer overflow vulnerability in
Junos CLI (CVE-2017-10602)


	
Product Affected:
This issue affects Junos OS 14.1X53, 14.2, 15.1, 15.1X49, 15.1X53.


Problem:

A buffer overflow vulnerability in Junos OS CLI may allow a local
authenticated user with read only privileges and access to Junos CLI,
to execute code with root privileges.

Affected releases are Juniper Networks Junos OS 14.1X53; 14.2 prior to
14.2R6; 15.1 prior to 15.1F5, 15.1F6, 15.1R3; 15.1X49 prior to
15.1X49-D40; 15.1X53 prior to 15.1X53-D47, 15.1X53-D70.

This issue does not affect Junos 14.1 or prior releases.

No other Juniper Networks products or platforms are affected by this
issue.

This issue was found during internal product security testing. Juniper
SIRT is not aware of any malicious exploitation of this vulnerability.

This issue has been assigned CVE-2017-10602.


Solution:

The following software releases have been updated to resolve this
specific issue: 14.2R6, 15.1F5, 15.1F6, 15.1R3, 15.1X49-D40,
15.1X53-D47, 15.1X53-D70, 16.1R1, and all subsequent releases.

This issue is being tracked as PR 1149652 and is visible on the
Customer Support website.


Workaround:

Use access lists or firewall filters to limit access to the router's
CLI only from trusted hosts. Restrict access to the CLI to only highly
trusted administrators.


Implementation:
Security vulnerabilities in Junos are fixed in the next available
Maintenance Release of each supported Junos version. In some cases, a
Maintenance Release is not planned to be available in an appropriate
time-frame. For these cases, Service Releases are made available in
order to be more timely. Security Advisory and Security Notices will
indicate which Maintenance and Service Releases contain fixes for the
issues described. Upon request to JTAC, customers will be provided
download instructions for a Service Release. Although Juniper does not
provide formal Release Note documentation for a Service Release, a list
of "PRs fixed" can be provided on request.


Modification History:

    2017-07-12: Initial Publication.


Related Links:

    KB16613: Overview of the Juniper Networks SIRT Monthly Security
             Bulletin Publication Process

    KB16765: In which releases are vulnerabilities fixed?

    KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's
             Security Advisories

    Report a Vulnerability - How to Contact the Juniper Networks
     Security Incident Response Team


CVSS Score:
7 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

Risk Level:
High

Risk Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446
"Common Vulnerability Scoring System (CVSS) and Juniper's Security
Advisories."


==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================