Juniper Junos Oversized BGP UPDATE Remote DoS (JSA10609)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Juniper
Junos device is affected by a denial of service vulnerability. This
issue exists in the routing protocol daemon (rpd) when handling
oversized BGP UPDATE messages.

Note that this issue only affects devices with BGP enabled.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10609

Solution :

Apply the relevant Junos software release or workaround referenced in
Juniper advisory JSA10609.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Junos Local Security Checks

Nessus Plugin ID: 71998 ()

Bugtraq ID: 64766

CVE ID: CVE-2014-0616

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now