Juniper Junos TKEY Query Handling DoS (JSA10718)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Juniper
Junos device is affected by a denial of service vulnerability due to
a flaw in ISC BIND when handling queries for TKEY records. An
unauthenticated, remote attacker can exploit this, via crafted TKEY
queries, to cause an REQUIRE assertion failure and daemon exit.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10718

Solution :

Apply the relevant Junos software release referenced in Juniper
advisory JSA10718.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Junos Local Security Checks

Nessus Plugin ID: 88093 ()

Bugtraq ID: 76092

CVE ID: CVE-2015-5477

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now