This post was originally published on this site is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Original release date: January 11, 2018

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review the following Juniper Security Advisories and apply necessary updates:

  • ScreenOS: Etherleak vulnerability found on ScreenOS device (CVE-2018-0014)
  • Junos Space Security Director and Log Collector: Multiple vulnerabilities resolved in 17.2R1 release
  • CTPView: Multiple Linux kernel vulnerabilities
  • Junos Space: Multiple vulnerabilities resolved in 17.2R1 release
  • Junos OS: OpenSSH Memory exhaustion due to unregistered KEXINIT handler (CVE-2016-8858)
  • SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured. (CVE-2018-0009)
  • Junos: commit script may allow unauthenticated root login upon reboot (CVE-2018-0008)
  • Junos: bbe-smgd process denial of service while processing VLAN authentication requests/rejects (CVE-2018-0006)
  • Junos OS: MAC move limit configured to drop traffic may forward traffic. (CVE-2018-0005)
  • Junos OS: Kernel Denial of Service Vulnerability (CVE-2018-0004)
  • Junos OS: A crafted MPLS packet may lead to a kernel crash (CVE-2018-0003)
  • Junos OS: Malicious LLDP crafted packet leads to privilege escalation, denial of service. (CVE-2018-0007)
  • Junos OS: MX series, SRX series: Denial of service vulnerability in Flowd on devices with ALG enabled. (CVE-2018-0002)
  • Junos: Unauthenticated Remote Code Execution through J-Web interface (CVE-2018-0001) Junos: Unauthenticated Remote Code Execution through J-Web interface (CVE-2018-0001)

This product is provided subject to this Notification and this Privacy & Use policy.

At L Technology Group, we know technology alone will not protect us from the risks associated with in cyberspace. Hackers, Nation States like Russia and China along with “Bob” in HR opening that email, are all real threats to your organization. Defending against these threats requires a new strategy that incorporates not only technology, but also intelligent personnel who, eats and breaths cybersecurity. Together with proven processes and techniques combines for an advanced next-generation security solution. Since 2008 L Technology Group has develop people, processes and technology to combat the ever changing threat landscape that businesses face day to day.

Call Toll Free (855) 999-6425 for a FREE Consultation from L Technology Group,