Browse Source

Updated with Cves and Juniper Advistory

Giulio 4 years ago
parent
commit
855d6def8d
1 changed files with 8 additions and 0 deletions
  1. 8 0
      Readme.md

+ 8 - 0
Readme.md

@@ -1,4 +1,12 @@
 # Juniper Host Checker Linux MITM RCE
+## CVEs
+
+ - No certificate Validation - [CVE-2020-11580](https://nvd.nist.gov/vuln/detail/CVE-2020-11580)
+ - Command Injection - [CVE-2020-11581](https://nvd.nist.gov/vuln/detail/CVE-2020-11581)
+ - DNS Rebindig - [CVE-2020-11582](https://nvd.nist.gov/vuln/detail/CVE-2020-11582)
+
+Link to Juniper official advisory [SA44426](https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44426)
+
 ## Intro
 The Host Checker is a client side component that the [Pulse Connect Secure](https://www.pulsesecure.net/products/pulse-connect-secure/) appliance may require in order to connect to the VPN. The Host Checker requests a policy from the server and perform basic checks on the client accordingly. Checks may include MAC Addresses, running process (ie: checking for an antivirus) and some others. While on Windows the plugin is an ActiveX component, in Linux, Solaris and OSX it is a Java Applet.
 Of course client checks can always be bypassed, and an open source (yet not well documented) implementation [do exist](https://raw.githubusercontent.com/russdill/juniper-vpn-py/master/tncc.py).