Juniper Issues Security Alert Tied to Routers and Switches

Juniper warned Thursday of a high-risk bug in the GD graphics library used in several versions of its Junos OS.

Juniper Networks warned customers Thursday of a high-risk vulnerability in the GD graphics library that could allow a remote attacker to take control of systems running certain versions of the Junos OS.

The alert was in conjunction with a warning from the U.S. Computer Emergency Readiness Team (US-CERT) that said affected versions of the Junos OS were 12.1X46, 12.3X48, 15.1X49, 14.2, 15.1, 15.1X53, 16.1 and 16.2. Hardware running the software includes router models T Series and MX series along with four Juniper switch products.

The problem (CVE-2016-3074) is tied to the use of the open-source image library GD graphics library (libgd) bundled with PHP version 4.3 and above.

“An integer signedness vulnerability exists in libgd 2.1.1 which may result in a heap overflow when processing compressed gd2 data,” the Juniper Security Advisory said. Attackers can exploit this issue to execute arbitrary commands or cause a denial-of-service condition.

Use of the flawed libgd library has stung a wide range of firms over the past year, including HP Enterprise, Red Hat, Fedora and Debian, each of which have issued separate security bulletins on the library.

Customers are encouraged up to update their software to the latest version. A workaround also exists and includes disabling services that can utilize on-board PHP scripting like J-Web and XNM-SSL according to Juniper. Affected users can also choose to discontinue the use of Netconf and PyEZ with PHP.

“In addition to the recommendations listed above, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device from trusted, administrative networks or hosts,” Juniper advises.

The libgd vulnerability, as used by Juniper in its switches and routers, has a CVSS score of 8.1, making this is a high-risk vulnerability.

Suggested articles

Discussion

  • Dave D. on

    Note: This Juniper Security Advisory was originally published as part of the 2017-07 advisory bundle on July 12, 2017. US-CERT picked up the following minor update and rebroadcast it as a new issue: https://kb.juniper.net/JSA10798 MODIFICATION HISTORY: 2017-08-09: Minor change on the Solution section, removing 12.3X48-D45

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.