Juniper Junos ICMPv6 PTB Atomic Fragment DoS (JSA10780)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote device is affected by a denial of service vulnerability.

Description :

According to its self-reported version number, the remote Juniper
Junos device is affected by a denial of service vulnerability in the
ICMP Packet Too Big (PTB) message functionality that occurs when
handling IPv6 atomic fragments that trigger fragmentation in traffic.
An unauthenticated, remote attacker can exploit this issue, via a
specially crafted series of packets, to cause the device to stop
responding, the exhaustion of resources, or other impact that results
in a denial of service condition.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10780

Solution :

Apply the relevant Junos software release referenced in Juniper
advisory JSA10780.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Junos Local Security Checks

Nessus Plugin ID: 101266 ()

Bugtraq ID: 95797

CVE ID: CVE-2016-10142

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now