Juniper Junos TCP Packet Processing Remote DoS (JSA10638)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Juniper
Junos device is affected by a denial of service vulnerability. An
attacker who can guess an in-window sequence number, source and
destination addresses, and port numbers can exploit this vulnerability
to reset any established TCP session.

This issue only affects TCP sessions terminating on the router.
Transit traffic and TCP Proxy services are unaffected by this
vulnerability.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10638

Solution :

Apply the relevant Junos software release referenced in Juniper
advisory JSA10638.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Junos Local Security Checks

Nessus Plugin ID: 76506 ()

Bugtraq ID: 10183

CVE ID: CVE-2004-0230

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now