SRX Services Gateway
Highlighted
SRX Services Gateway

IE Zero Day protection CVE-2014-1776

‎04-30-2014 10:07 AM

I know this probably isn;t the right forum, but since we have SRXs in play, I thought I would post here.  Does Juniper have detection / prevention for this exploit?  Is it availble at the perimeter in the SRX via UTM / AV / IDP?

 

If so, is there an easy way to find out such things?  Idid a search of CVE-2014-1776 on the site, the kb and the forums and returned nothing.

2 REPLIES 2
Highlighted
SRX Services Gateway
Solution
Accepted by topic author jspanitz
‎08-26-2015 01:27 AM

Re: IE Zero Day protection CVE-2014-1776

‎04-30-2014 12:46 PM

Hello.

 

Searched through the latest signature releasted April 29th.  DB version 2369.

 

Found HTTPSmiley FrustratedTC:IE:6-11-UAF.  This looks to be the signature that addresses CVE-2014-1776

 

http://services.netscreen.com/documentation/signatures/HTTP%3ASTC%3AIE%3A6-11-UAF.html

Released on 4/28.

 

 

I think it's easiest to check if you have JunOS Space's Security Director.  I click on IPS Policy -> IPS Signature.  This lists all the signatures.  There's a CVE column that's not shown by default.

 

I tried looking this up on the web, and it's pretty painful (need to click on each signature related to IE, one by one...)

 

Hope this helps.

 

Regards,

Sam

Highlighted
SRX Services Gateway

Re: IE Zero Day protection CVE-2014-1776

‎04-30-2014 01:04 PM

That most definetly helps.  Glad to see your web lookup experience was as bad as mine.

 

Juniper - are you listening?  Help your guys out here, please Smiley Happy