Hi Forum members,
Anyone read the PSN-2011-03-198 and 199?
Here is the link, (requires login)
I read both of these security advisories and the information stated is not very clear as to what the potential service impact is.
Since there is another update sometime around April 1 for IE9, I don't want to perform the upgrade twice within the next 15 days.
Hello rotearc.
Thanks for the question regarding the service impact of our two recently released out-of-cycle PSNs.
These two PSNs each resulted in a CVSS Base Score of 5.8. Along with this score, a CVSS Vector was supplied: (AV:N/AC:M/Au:N/C:P/I:P/A:N). Among other things, this vector represents a partial confidentiality and partial integrity impact.
Without going into detail that would violate entitled disclosure, the issue is that one can obtain access to content that shouldn't be accessible. While the direct impact of arbitrary access to these files is minimal, the integrity breach could lead to additional methods of attack, beyond the scope of this medium risk vulnerability.
– Dave Dugal
Juniper SIRT
One minor clarification regarding the IE9 KB @ http://kb.pulsesecure.net/KB19293
>>>Since there is another update sometime around April 1 for IE9
The update referred to in the KB article is an update of the content in the KB article itself and not the actual releases that will support IE9.
Dave,
Thanks for the reply. But it still does not help me to understand what the risks are. Maybe we should take this offline, if you can send me a private message. I would like to discuss this matter with you.
Regards,
Ernest