[Full-disclosure] Juniper Networks DLL Hijacking Vulnerability
musntlive at gmail.com
Thu Sep 9 14:51:45 BST 2010
Juniper Pix ASA is vulnerable to Windows DLL Hijacking Vulnerability.
Version 1.3.37, Mitnick Build (latest available on 30th August 2010
was tested) is vulnerable.
2. Vulnerability Description
Juniper Pix ASA is for hybrid firewall and passes insufficiently
qualified path for the dll "mitnick.dll" while opening a file using
command line interface
09-09-2010 - Discovered Vulnerability
09-09-2010 - Informed the developers
09-09-2010 - Response from developers "We is don't make this product"
09-09-2010 - Response from MusntLive "This is be hybrid new polish
firewall from Rutkowska"
09-09-2010 - Response from developers "We understand she is a hybrid
but this isn't out product"
09-09-2010 - Response from MusntLive "I must find all DLL's in world
and make billion of advisories for MusntLive Security Pack"
09-09-2010 - Disclosure
Free Rutkowska: The Transgender Equality Network Ireland (TENI) is
seeking financial assistance for Mr. Rutkowska For more information
call 085 108 3935 or contact The Cork Gay Project on 021 4278470.
You must is be running Juniper Pix ASA
4. Versions Affected
Done with MusntLive Security Pack
Remote Code Execution on Juniper Pix Asa
Full-Disclosure is hosted and sponsored by Secunia.