CVE-2021-0255

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 15.1X49-D240 Junos OS versions prior to 17.3R3-S11 Junos OS versions prior to 17.4R3-S4 Junos OS versions prior to 18.1R3-S12 Junos OS versions prior to 18.2R3-S7 Junos OS versions prior to 18.3R3-S4 Junos OS versions prior to 18.4R2-S7 Junos OS versions prior to 19.1R1-S6 Junos OS versions prior to 19.1R2-S2 Junos OS versions prior to 19.1R3-S4 Junos OS versions prior to 19.3R3-S2 Junos OS versions prior to 19.4R3-S1 Junos OS versions prior to 20.1R2 Junos OS versions prior to 20.1R3 Junos OS versions prior to 20.2R2-S1 Junos OS versions prior to 20.2R3 Junos OS versions prior to 20.3R1-S1

Description: A local privilege escalation issue in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root. ethtraceroute is shipped with setuid permissions enabled and is owned by the root user, allowing local users to run ethtraceroute with root privileges.

Recommendations: For versions prior to 15.1X49-D240, update to 15.1X49-D240 or later. For versions prior to 17.3R3-S11, update to 17.3R3-S11 or later. For versions prior to 17.4R3-S4, update to 17.4R3-S4 or later. For versions prior to 18.1R3-S12, update to 18.1R3-S12 or later. For versions prior to 18.2R3-S7, update to 18.2R3-S7 or later. For versions prior to 18.3R3-S4, update to 18.3R3-S4 or later. For versions prior to 18.4R2-S7, update to 18.4R2-S7 or later. For versions prior to 19.1R1-S6, update to 19.1R1-S6 or later. For versions prior to 19.1R2-S2, update to 19.1R2-S2 or later. For versions prior to 19.1R3-S4, update to 19.1R3-S4 or later. For versions prior to 19.3R3-S2, update to 19.3R3-S2 or later. For versions prior to 19.4R3-S1, update to 19.4R3-S1 or later. For versions prior to 20.1R2, update to 20.1R2 or later. For versions prior to 20.1R3, update to 20.1R3 or later. For versions prior to 20.2R2-S1, update to 20.2R2-S1 or later. For versions prior to 20.2R3, update to 20.2R3 or later. For versions prior to 20.3R1-S1, update to 20.3R1-S1 or later.