Rapid7 Vulnerability & Exploit Database

Juniper Junos OS: Local security vulnerability (JSA10291)

Back to Search

Juniper Junos OS: Local security vulnerability (JSA10291)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
04/23/2002
Created
07/25/2018
Added
05/07/2014
Modified
05/07/2014

Description

Normally, when a program is started, several standard file descriptors are opened, which are assigned to standard input, standard output, and standard error. If a program is started when not all these standard file descriptors are opened, the program might open a file and inadvertently associate it with one of the standard descriptors. The program might then read data from or write data to the file inappropriately. If the file is one that the user would normally not have privileges to open, this might result in an opportunity for privilege escalation.

Solution(s)

  • juniper-junos-os-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;