Juniper squeezes vulns that allow total p0wnage
NorthStar WAN SDN Controller has 28 nasties, half a dozen critical
Juniper admins using the company's NorthStar WAN SDN Controller Application, hop to it: the company's just dropped fixes to 28 security vulnerabilities.
The bugs apply to version 2.1.0 Service Pack 1 and newer versions of the application.
With such a crop available, here are the most severe bugs, some of them internal to the application, others inherited from third-party libraries.
CVE-2017-2320, with a Common Vulnerabilities Scoring System score of 10, is the most serious. It's a remotely exploitable denial-of-service (DoS) bug that can lead to “targeted information disclosure [or] modification of any component of the NorthStar system, including managed systems, and full denial of services to any systems under management”.
CVE-2017-2321 is similar, an out-of-bounds read DoS vulnerability with information disclosure. The Gin Palace has warned this one could enable attackers to mount “man-in-the-middle attacks, file injections, and malicious execution of commands”.
In CVE-2017-2326, an attacker could take a copy of the Junos OS virtual machine “and all data it maintains”.
The two-year-old CVE-2015-3456 is inherited from QEMU: “The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.”
And that's just the six that scored high enough to rate as “critical”.
Juniper has issued fixes for all the vulnerabilities. ®