Juniper Junos GRE DoS (PSN-2013-04-917)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Junos device
has a denial of service vulnerability. Specially crafted GRE packets
received on a multicast tunnel interface that are allowed to reach the
routing engine can cause the kernel to crash. An unauthenticated
attacker on the same subnet could exploit this to crash the host.

See also :

http://www.nessus.org/u?c9a8e8ee

Solution :

Apply the relevant Junos upgrade referenced in Juniper advisory
PSN-2013-04-917.

Risk factor :

Medium / CVSS Base Score : 6.1
(CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 4.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Junos Local Security Checks

Nessus Plugin ID: 66515 ()

Bugtraq ID: 60016

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now