Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured.
Vulnerability Description
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Juniper Networks SBR Carrier 缓冲区错误漏洞
Vulnerability Description
Juniper Networks SBR Carrier是美国瞻博网络(Juniper Networks)公司的一套适用于运营商的AAA(Authentication、Authorization和Accounting )服务器。该产品主要提供网络资源管理、用户访问控制和计费等功能。 Juniper Networks SBR Carrier 存在安全漏洞,该漏洞源于。该漏洞允许攻击者发送特定数据包,导致 Radius 守护程序崩溃,从而导致拒绝服务 (DoS) 或导致远程代码执行( RCE)。
CVSS Information
N/A
Vulnerability Type
N/A