Juniper Junos SSL/TLS Renegotiation DoS (JSA10580)

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Juniper
Junos device is affected by a denial of service vulnerability. The
SSL/TLS implementation on the remote host allows clients to
renegotiate connections. The computational requirements for
renegotiating a connection are asymmetrical between the client and the
server, with the server performing several times more work. Since the
remote host does not appear to limit the number of renegotiations for
a single TLS / SSL connection, this permits a client to open several
simultaneous connections and repeatedly renegotiate them, possibly
leading to a denial of service condition.

Note that this issue only affects devices with J-Web or the SSL
service for JUNOScript enabled.

See also :

http://www.ietf.org/mail-archive/web/tls/current/msg07553.html
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10580

Solution :

Apply the relevant Junos software release or workaround referenced in
Juniper advisory JSA10580.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.4
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Junos Local Security Checks

Nessus Plugin ID: 68913 ()

Bugtraq ID: 48626

CVE ID: CVE-2011-1473

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now