SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  IE Zero Day protection CVE-2014-1776

    Posted 04-30-2014 10:07

    I know this probably isn;t the right forum, but since we have SRXs in play, I thought I would post here.  Does Juniper have detection / prevention for this exploit?  Is it availble at the perimeter in the SRX via UTM / AV / IDP?

     

    If so, is there an easy way to find out such things?  Idid a search of CVE-2014-1776 on the site, the kb and the forums and returned nothing.



  • 2.  RE: IE Zero Day protection CVE-2014-1776
    Best Answer

     
    Posted 04-30-2014 12:46

    Hello.

     

    Searched through the latest signature releasted April 29th.  DB version 2369.

     

    Found HTTP:STC:IE:6-11-UAF.  This looks to be the signature that addresses CVE-2014-1776

     

    http://services.netscreen.com/documentation/signatures/HTTP%3ASTC%3AIE%3A6-11-UAF.html

    Released on 4/28.

     

     

    I think it's easiest to check if you have JunOS Space's Security Director.  I click on IPS Policy -> IPS Signature.  This lists all the signatures.  There's a CVE column that's not shown by default.

     

    I tried looking this up on the web, and it's pretty painful (need to click on each signature related to IE, one by one...)

     

    Hope this helps.

     

    Regards,

    Sam



  • 3.  RE: IE Zero Day protection CVE-2014-1776

    Posted 04-30-2014 13:04

    That most definetly helps.  Glad to see your web lookup experience was as bad as mine.

     

    Juniper - are you listening?  Help your guys out here, please 🙂