Juniper SSL-VPN Client ActiveX Control Remote Buffer Overflow Vulnerability
BID:17712
Info
Juniper SSL-VPN Client ActiveX Control Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 17712 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 26 2006 12:00AM |
| Updated: | Apr 27 2006 06:21PM |
| Credit: | Yuji Ukai is credited with the discovery of this issue. |
| Vulnerable: |
Juniper Juniper VPN-SSL-VPN IVE 5.X |
| Not Vulnerable: | |
Discussion
Juniper SSL-VPN Client ActiveX Control Remote Buffer Overflow Vulnerability
Juniper SSL-VPN Client ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.
Invoking the object from a malicious website may trigger the condition. If the vulnerability were successfully exploited, this would corrupt process memory, resulting in arbitrary code execution. Arbitrary code would be executed in the context of the client application.
Juniper SSL-VPN Client ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.
Invoking the object from a malicious website may trigger the condition. If the vulnerability were successfully exploited, this would corrupt process memory, resulting in arbitrary code execution. Arbitrary code would be executed in the context of the client application.
Exploit / POC
Juniper SSL-VPN Client ActiveX Control Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Juniper SSL-VPN Client ActiveX Control Remote Buffer Overflow Vulnerability
Solution:
Fixes are available from the vendor. Contact the vendor for further information on obtaining and applying fixes for this issue.
Solution:
Fixes are available from the vendor. Contact the vendor for further information on obtaining and applying fixes for this issue.
References
Juniper SSL-VPN Client ActiveX Control Remote Buffer Overflow Vulnerability
References:
References:
- Juniper Networks Homepage (Juniper Networks)
- Security Notices (Juniper Networks)
- [EEYEB-20060227] Juniper Networks SSL-VPN Client Buffer Overflow ("eEye Advisories"