Juniper Junos jdhcpd IPv6 UDP DoS (JSA10800)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote device is affected by a denial of service vulnerability.

Description :

According to its self-reported version and model number, the remote
Juniper Junos device is affected by a denial of service vulnerability
in the jdhcpd daemon when handling invalid IPv6 UDP packets. An
unauthenticated, remote attacker can exploit this, via specially
crafted IPv6 UDP packets, to consume available CPU resources,
resulting in an interruption of the DHCP service.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10800

Solution :

Upgrade to the relevant Junos software release referenced in Juniper
security advisory JSA10800.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Junos Local Security Checks

Nessus Plugin ID: 102075 ()

Bugtraq ID:

CVE ID: CVE-2017-2348

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now