Web Attack: Juniper SSL VPN Client AX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in the Juniper SSL-VPN Client.

Additional Information

Juniper provides an SSL-VPN client in the form of an ActiveX control for Microsoft Windows operating systems.

Juniper SSL-VPN Client ActiveX control is prone to a buffer overflow vulnerability. This issue is due to insufficient bounds-checking of user-supplied input prior to copying it to an insufficiently-sized memory buffer.

This issue is due to the use of unbounded memory-copy operations in the 'JuniperSetupDLL.dll' library, which is loaded from the 'JuniperSetup.ocx' ActiveX control. It may be triggered by passing an overly long 'ProductName' parameter to the vulnerable function.

It is possible to invoke the object from a malicious website to trigger the condition. If the vulnerability were successfully exploited, this would result in the corruption of process memory, resulting in arbitrary code execution. Arbitrary code would be executed in the context of the client application.
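The class of defect described above, as an added example that is not Juniper's code: a parameter copied into a fixed-size buffer without a length check, beside a bounds-checked form that rejects oversized input. The structure, function names and the 64-byte buffer size are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PRODUCT_NAME_MAX 64   /* assumed buffer size, not from the advisory */

struct setup_ctx {            /* hypothetical holder for the parameter */
    char product_name[PRODUCT_NAME_MAX];
};

/* Unbounded pattern: the source length is never compared with the size of
 * the destination. Shown for contrast only; it is correct solely when the
 * caller already guarantees that src fits. */
void set_product_name_unbounded(struct setup_ctx *ctx, const char *src)
{
    strcpy(ctx->product_name, src);
}

/* Bounds-checked form: returns 0 on success, -1 when the input is missing
 * or does not fit. Oversized input is rejected rather than truncated, so a
 * caller cannot mistake a clipped value for a valid one. */
int set_product_name_checked(struct setup_ctx *ctx, const char *src)
{
    if (ctx == NULL || src == NULL)
        return -1;

    /* Look for the terminator within the destination size only. */
    const char *nul = memchr(src, '\0', PRODUCT_NAME_MAX);
    if (nul == NULL)
        return -1;            /* no terminator in range: too long */

    memcpy(ctx->product_name, src, (size_t)(nul - src) + 1);
    return 0;
}

int main(void)
{
    struct setup_ctx ctx = { "" };
    char oversized[512];      /* constructed sample input */

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("short name: %d\n", set_product_name_checked(&ctx, "Example Product"));
    printf("oversized:  %d\n", set_product_name_checked(&ctx, oversized));
    return 0;
}
```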

Affected

  • Juniper Networks SSL-VPN Client

Response

Fixes are available from the vendor. Contact the vendor for further information on obtaining and applying fixes for this issue.