CVE-2014-6379 Information
Description
Juniper Junos 11.4 before R12 12.1 before R10 12.1X44 before D35 12.1X45 before D25 12.1X46 before D20 12.1X47 before D10 12.2 before R8 12.2X50 before D70 12.3 before R6 13.1 before R4-S3 13.1X49 before D55 13.1X50 before D30 13.2 before R4 13.2X50 before D20 13.2X51 before D26 and D30 13.2X52 before D15 13.3 before R2 and 14.1 before R1 when a RADIUS accounting server is configured as [system accounting destination radius] creates an entry in /var/etc/pam_radius.conf which might allow remote attackers to bypass authentication via unspecified vectors.
Reference
http://www.securityfocus.com/bid/70365 http://www.securitytracker.com/id/1031010 https://exchange.xforce.ibmcloud.com/vulnerabilities/96905 https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10654
Share on: