• Additional Information
• Virus Outbreak Information
• Protection from Sasser

Security Notices

Security Alert Notifications (in JTAC Technical Bulletins)
Subscribe to JTAC Technical Bulletins to receive product specific Security Alerts Notifications via e-mail. To opt in to Technical Bulletins, you must be a registered user.

• 07/10/06 - Certain crafted IPv6 packets cause the kernel to "leak" memory and eventually crash (CERT/CC VU#294036)
• 03/25/06 - IVE ActiveX client vulnerability
• 01/19/06 - Specifically crafted packets can cause NSM Denial of Service
• 12/08/05 - IVE potential SSL 2.0 rollback
• 12/08/05 - Optimistic TCP acknowledgements can cause denial of service
• 11/14/05 - IKE version 1 vulnerability issues resulting from OUSPG ISAKMP Test Suite
• 08/23/05 - Juniper Networks IPSec IKE VPN Username Enumeration Vulnerability
• 09/02/04 - Directory-traversal vulnerability in IDP OpenSSH scp
• 08/13/04 - Remote crash of ScreenOS via the SSHv1 service
• 06/29/04 - Potential HTTP cross-site script execution in NetScreen-5GT Antivirus engine
• 04/21/04 - A design flaw in the RFC specification of TCP may allow a blind attacker to successfully close a TCP connection
• 04/02/04 - Potential Denial of Service in OpenSSL Library on IVE and IDP platforms
• 03/03/04 - Cross Site Scripting Vulnerability in delhomepage.cgi on IVE 3.x
• 01/19/04 - Communications between devices running ScreenOS 5.0 and NetScreen-Security Manager not encrypted
• 10/01/03 - Potential Leakage of Sensitive Information via DHCP Offer
• 09/17/03 - OpenSSH Vulnerability
• 07/30/03 - Potential Denial of Service Due to Certain TCP Windows Scale Factor settings
• 07/14/03 - Clarification to Potential denial of service, compromise of hosts running non-IP protocols Advisory 57605
• 07/10/03 - Potential denial of service, compromise of hosts running non-IP protocols - Affects: All NetScreen products running ScreenOS 4.0.0 or later, in Transparent Mode.
• 04/16/03 - Weaker IPSec Tunnel Security Than Intended- Affects: Global PRO Policy Manager versions 4.0.0r1 through 4.0.0r5; 4.1.0r1
• 03/03/03 - Potential loss of configuration - Affects: NetScreen-5XP and NetScreen-5XT
• 11/25/02 - Malicious-URL Feature may be Circumvented Using IP Fragmentation
• 11/25/02 - Predictable TCP Initial Sequence Numbers
• 11/25/02 - Potential H.323 Denial of Service
• 11/06/02 - SSHv1 CRC32 Attacks can lead to denial of service on NetScreen devices
• 09/06/02 - Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets
• 07/31/02 - Apache Security Hole CAN-2002-0392 - Affects: NetScreen-Global PRO Policy Manager Server; NetScreen-Global PRO Express Policy Manager Server
• 05/30/02 - NetScreen-25 Unauthorized Reboot Issue
• 02/13/02 - Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP)
• 02/05/02 - NetScreen ScreenOS Port Scan DoS Vulnerability
• 01/12/02 - IP Spoof Protection Failure