Juniper Junos IPv6 Neighbor Discovery (ND) Traffic Handling Multiple Vulnerabilities (JSA10749)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote device is affected by multiple vulnerabilities.

Description :

According to its self-reported version number, the remote Juniper
Junos device is affected by multiple vulnerabilities :

- A flaw exists due to improper handling of malformed IPv6
ND packets. An unauthenticated, remote attacker can
exploit this, via specially crafted ND packets, to cause
the device to stop processing IPv6 traffic, resulting in
a denial of service condition. (VulnDB 139535)

- A flaw exists that is triggered when handling QFX5100
exceptions. An unauthenticated, remote attacker can
exploit this to transition IPv6 ND traffic to the
routing engine, resulting in a partial denial of service
condition. (VulnDB 139536)

- An unspecified flaw exists that allows an
unauthenticated, remote attacker to cause improper
forwarding of IPv6 ND traffic in violation of RFC4861.
(VulnDB 139537)

Note that Nessus has not tested for these issues but has instead
relied only on the device's self-reported model and current
configuration.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10749

Solution :

Apply the relevant Junos software release referenced in Juniper
advisory JSA10749.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Junos Local Security Checks

Nessus Plugin ID: 91762 ()

Bugtraq ID:

CVE ID: CVE-2016-1409

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now