Number: AV18-116
Date: 13 July 2018
Purpose
The purpose of this advisory is to bring attention to security bulletins released by Juniper.
Assessment
Juniper has released multiple security bulletins to address vulnerabilities in their products. Exploitation of these vulnerabilities allows code execution, elevation of privilege, denial of service conditions, circumvention of security measures, or access to sensitive information
Affected products:
- cURL and libcurl
- Junos Space
- Junos OS
- Junos OS, SRX series
CVE References: CVE-2017-3145, CVE-2017-3143, CVE-2017-3142, CVE-2017-3138, CVE-2000-0973, CVE-2016-5421, CVE-2016-7167, CVE-2016-9953, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-1000120, CVE-2016-4802, CVE-2013-2174, CVE-2016-9586, CVE-2016-9952, CVE-2014-0138, CVE-2017-1000257, CVE-2018-1000005, CVE-2018-1000122, CVE-2014-0139, CVE-2013-1944, CVE-2014-3613, CVE-2015-3143, CVE-2015-3148, CVE-2015-3153, CVE-2016-0754, CVE-2016-0755, CVE-2016-5419, CVE-2016-5420, CVE-2016-7141, CVE-2017-1000254, CVE-2017-9502, CVE-2018-1000007, CVE-2018-1000121, CVE-2013-4545, CVE-2014-3707, CVE-2014-8150, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2013-6422, CVE-2014-0015, CVE-2016-3739, CVE-2017-7407, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2017-3145, CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2637, CVE-2018-2663, CVE-2018-2678, CVE-2017-12613, CVE-2017-10198, 2017-10281, CVE-2017-10295, CVE-2017-10345, CVE-2017-10355, CVE-2017-10356, CVE-2017-10388, CVE-2017-15896, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, CVE-2018-0039, CVE-2018-0040, CVE-2018-0042, CVE-2018-0038, CVE-2018-0041, CVE-2018-1000115, CVE-2018-0037, CVE-2018-0034, CVE-2018-0035, CVE-2018-0032, CVE-2018-0031, CVE-2018-0030, CVE-2018-0029, CVE-2018-0027, CVE-2018-0026, CVE-2018-0025, CVE-2018-0024, CVE-2015-7236
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10803&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10857&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10858&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10859&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10860&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10861&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10863&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10864&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10865&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10866&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10868&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10869&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10871&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10873&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10874&cat=SIRT_1&actp=LIST
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10875&cat=SIRT_1&actp=LIST