Juniper ScreenOS 5.4 < 5.4.0r28 / 6.2 < 6.2.0r18 / 6.3 < 6.3.0r16 Malformed ICMP Echo Request DoS (JSA10604)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a denial of service vulnerability.

Description :

The remote host is running a version of Juniper ScreenOS prior to
5.4.0r28 / 6.2.0r18 / 6.3.0r16. It is, therefore, affected by a denial
of service vulnerability due to a failure to properly handle ICMP echo
request packets.

A remote, unauthenticated attacker could potentially exploit this
vulnerability by sending malformed ICMP echo request packets to cause
a firewall crash or failover. Repeated exploitation can result in an
extended denial of service condition.

Note that the host is not affected if the 'Ping of Death' screen is
enabled.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10604
http://seclists.org/bugtraq/2014/Jan/73

Solution :

Upgrade to 5.4.0r28 / 6.2.0r18 / 6.3.0r16 or later or apply the
workaround.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.7
(CVSS2#E:ND/RL:W/RC:C)
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 74367 ()

Bugtraq ID: 64260

CVE ID: CVE-2013-6958