Synopsis :

The remote router has a denial of service vulnerability.

Description :

According to its self-reported version number, the remote Juniper
router has a denial of service vulnerability. In a Next Generation
MVPN scenario, a kernel memory buffer could get corrupted when the
router receives a bootstrap or auto-RP message larger than 204 bytes,
causing the kernel to crash every time a packet is received.

This issue only occurs in Next-Gen MVPN scenarios that use Ingress
Replication as the P-tunnel type and has Auto-RP or Bootstrap as the
group-to-RP mapping mechanism.

See also :

http://www.nessus.org/u?ec5749e8

Solution :

Apply the relevant Junos upgrade referenced in Juniper advisory
PSN-2011-10-391.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)