RSA 2014: The "double-edged sword" of disclosing software vulnerabilities
RSA 2014: The "double-edged sword" of disclosing software vulnerabilities

Juniper Networks released more than a dozen security updates to patch a wide range of issues including two denial-of-service vulnerabilities and one for remote code execution.

The majority of the issues involved Jupiter's operating system Junos. This included CVE-2018-0016 that if left unpatched could cause a system crash if a specially crafted CLNP packet is received and CVE-2018-0019 fixes a DoS vulnerability in flowd daemon on devices configured with NAT-PT, Juniper reported. The remaining Junos issues are CVE-2018-0020, CVE-2018-0022, CVE-2018-0023 along with multiple vulnerabilities in Stunnel 5.38, short MacSec keys that can allow man-in-the-middle attacks.

Juniper's SRX series also received fixes for a DoS flaw, CVE-2018-0017, and CVE-2015-2080 in which a carefully constructed packet could lead to information disclosure,

Security patched were also issued for the company's Steel-Belted Radius Carrier, NSM Appliance and Open SSL and Northstar controller.