CVE-2013-5650

Name of the Vulnerable Software and Affected Versions Junos Pulse Secure Access Service (IVE) versions 7.1 through 7.1r4 Junos Pulse Secure Access Service (IVE) versions 7.2 through 7.2r9 Junos Pulse Secure Access Service (IVE) versions 7.3 through 7.3r5 Junos Pulse Secure Access Service (IVE) versions 7.4 through 7.4r2 Junos Pulse Access Control Service (UAC) versions 4.1 through 4.1r8 Junos Pulse Access Control Service (UAC) versions 4.2 through 4.2r4 Junos Pulse Access Control Service (UAC) versions 4.3 through 4.3r5 Junos Pulse Access Control Service (UAC) versions 4.4 through 4.4r2

Description The issue allows remote attackers to cause a denial of service, resulting in a device hang, via a crafted packet when a hardware SSL acceleration card is enabled.

Recommendations For Junos Pulse Secure Access Service (IVE) versions 7.1 through 7.1r4, update to version 7.1r5 or later. For Junos Pulse Secure Access Service (IVE) versions 7.2 through 7.2r9, update to version 7.2r10 or later. For Junos Pulse Secure Access Service (IVE) versions 7.3 through 7.3r5, update to version 7.3r6 or later. For Junos Pulse Secure Access Service (IVE) versions 7.4 through 7.4r2, update to version 7.4r3 or later. For Junos Pulse Access Control Service (UAC) versions 4.1 through 4.1r8, update to version 4.1r8.1 or later. For Junos Pulse Access Control Service (UAC) versions 4.2 through 4.2r4, update to version 4.2r5 or later. For Junos Pulse Access Control Service (UAC) versions 4.3 through 4.3r5, update to version 4.3r6 or later. For Junos Pulse Access Control Service (UAC) versions 4.4 through 4.4r2, update to version 4.4r3 or later.