CVE-2006-2086

Name of the Vulnerable Software and Affected Versions Juniper NetScreen IVE device versions prior to 4.2r8.1 Juniper NetScreen IVE device versions 5.0 prior to 5.0r6.1 Juniper NetScreen IVE device versions 5.1 prior to 5.1r8 Juniper NetScreen IVE device versions 5.2 prior to 5.2r4.1 Juniper NetScreen IVE device versions 5.3 prior to 5.3r2.1

Description A buffer overflow issue exists in the JuniperSetupDLL.dll, which is loaded by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device. This issue allows remote attackers to execute arbitrary code via a long argument in the ProductName parameter.

Recommendations For versions prior to 4.2r8.1, update to version 4.2r8.1 or later. For versions 5.0 prior to 5.0r6.1, update to version 5.0r6.1 or later. For versions 5.1 prior to 5.1r8, update to version 5.1r8 or later. For versions 5.2 prior to 5.2r4.1, update to version 5.2r4.1 or later. For versions 5.3 prior to 5.3r2.1, update to version 5.3r2.1 or later.