SecurityTracker.com
Category:   Device (Router/Bridge/Hub)  >   Juniper Junos
Vendors:   Juniper
(Juniper Issues Fix for Juniper Junos) curl FTP Pathname Heap Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1041323
SecurityTracker URL:  https://securitytracker.com/id/1041323
CVE Reference:   CVE-2018-1000120   (Links to External Site)
Date:  Jul 19 2018
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A vulnerability was reported in curl. A remote user can execute arbitrary code on the target system. Juniper Junos is affected.

A remote user who can control the path that curl uses for an FTP transfer can supply a specially crafted path containing the sequence '%00' (the percent-encoded form of a NUL byte). When the path is percent-decoded, the embedded NUL byte causes curl's FTP path handling to miscalculate string lengths, producing a heap-based out-of-bounds write that can potentially be used to execute arbitrary code on the target system.

Only applications that use the 'singlecwd' FTP method are affected: the curl command-line option '--ftp-method singlecwd', or, for libcurl, CURLOPT_FTP_FILEMETHOD set to CURLFTPMETHOD_SINGLECWD.
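The following is an added example, not curl's or Juniper's code, showing the bug class behind this advisory: a percent-decoder turns '%00' into a NUL byte, so any caller that sizes a buffer with strlen() on the decoded path but then copies the full decoded length writes past the heap allocation. The "vulnerable" pattern is a constructed simplification (it reports the overflow size instead of performing the write), and the sample paths, function names and the hardened check (reject any decoded byte below 0x20 and require the decoded length to match strlen()) are assumptions for illustration.

```c
/* Added example (not curl's or Juniper's code): why "%00" in a
 * percent-encoded FTP path is dangerous, and a hardened check.
 * Sample paths and the simplified vulnerable pattern are constructed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Decode one hex digit; returns -1 if c is not a hex digit. */
static int hexval(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Percent-decode src into a heap buffer that is always NUL-terminated.
 * The number of bytes produced is stored in *out_len. Because "%00"
 * decodes to a NUL byte, *out_len can exceed strlen(result). */
static char *url_decode(const char *src, size_t *out_len) {
    size_t n = strlen(src);
    char *out = malloc(n + 1);          /* decoding never grows the string */
    size_t o = 0;
    if (!out) return NULL;
    for (size_t i = 0; i < n; i++) {
        int hi, lo;
        if (src[i] == '%' && i + 2 < n &&
            (hi = hexval(src[i + 1])) >= 0 && (lo = hexval(src[i + 2])) >= 0) {
            out[o++] = (char)((hi << 4) | lo);
            i += 2;
        } else {
            out[o++] = src[i];
        }
    }
    out[o] = '\0';
    *out_len = o;
    return out;
}

/* Constructed illustration of the bug class: the caller allocates
 * strlen(decoded)+1 bytes (strlen stops at the first NUL) but later
 * copies decoded_len+1 bytes. Instead of doing the out-of-bounds write,
 * return how many bytes would land past the end of the buffer (0 = safe). */
size_t overflow_bytes_for(const char *encoded_path) {
    size_t decoded_len;
    char *decoded = url_decode(encoded_path, &decoded_len);
    if (!decoded) return 0;
    size_t assumed = strlen(decoded) + 1;   /* what the buggy caller allocates */
    size_t needed  = decoded_len + 1;       /* what it actually copies */
    free(decoded);
    return needed > assumed ? needed - assumed : 0;
}

/* Hardened check: after decoding, reject any control byte (< 0x20,
 * which includes NUL) and require the decoded length to equal strlen()
 * of the result. Returns 1 if the path may be used, 0 if it is rejected. */
int ftp_path_is_safe(const char *encoded_path) {
    size_t decoded_len;
    char *decoded = url_decode(encoded_path, &decoded_len);
    int ok = 1;
    if (!decoded) return 0;
    if (strlen(decoded) != decoded_len) ok = 0;          /* embedded NUL */
    for (size_t i = 0; ok && i < decoded_len; i++)
        if ((unsigned char)decoded[i] < 0x20) ok = 0;    /* other control bytes */
    free(decoded);
    return ok;
}

int main(void) {
    /* Constructed sample paths: a benign one and one carrying "%00". */
    const char *benign  = "pub/incoming/report.txt";
    const char *hostile = "pub/incoming/%00%00%00%00report.txt";
    printf("%-40s overflow=%zu safe=%d\n", benign,
           overflow_bytes_for(benign), ftp_path_is_safe(benign));
    printf("%-40s overflow=%zu safe=%d\n", hostile,
           overflow_bytes_for(hostile), ftp_path_is_safe(hostile));
    return 0;
}
```

Note that a doubly-encoded sequence such as '%2500' decodes to the literal three characters "%00" and is accepted by the hardened check, while '%09' (a tab) is rejected: the check is on the decoded bytes, not on the encoded text.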

The vendor was notified on January 29, 2018.

Duy Phan Thanh reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   Juniper has issued a fix (12.1X46-D77, 12.3R12-S10, 12.3X48-D70, 12.3X54-D34, 14.1X53-D47, 14.1X53-D130, 15.1F6-S11, 15.1R4-S9, 15.1R7-S1, 15.1R8, 15.1X49-D140, 15.1X53-D67, 15.1X53-D234, 15.1X53-D471, 15.1X54-D70, 16.1R4-S10, 16.1R6-S4, 16.1R7, 16.2R1-S7, 16.2R2-S6, 16.2R3, 17.1R2-S7, 17.1R3, 17.2R1-S6, 17.2R2-S5, 17.2R3, 17.2X75-D100, 17.3R2-S2, 17.3R3, 17.4R1-S4, 17.4R2, 18.1R1-S1, 18.1R2, 18.2X75-D10, 18.2R1).

The Juniper advisory is available at:

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10874

Vendor URL:  kb.juniper.net/InfoCenter/index?page=content&id=JSA10874 (Links to External Site)
Cause:   Boundary error

Message History:   This archive entry is a follow-up to the message listed below.
Mar 14 2018 curl FTP Pathname Heap Overflow Lets Remote Users Execute Arbitrary Code



 Source Message Contents

Subject:  https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10874


[Original Message Not Available for Viewing]


Content previously copyright SecurityGlobal.net LLC placed in the public domain on December 31, 2019.