Juniper Junos Routing Process Daemon BGP UPDATE DoS (JSA10778)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote device is affected by a denial of service vulnerability.

Description :

According to its self-reported version and configuration, the remote
Juniper Junos device is affected by a denial of service vulnerability
in the routing protocol daemon (rpd) when handling a specially crafted
BGP UPDATE. An unauthenticated, remote attacker can exploit this to
repeatedly crash and restart the rpd daemon.

Nessus has not tested for this issue but has instead relied only on
the device's self-reported version and current configuration.

See also :

http://www.nessus.org/u?910a6d37

Solution :

Apply the relevant Junos software release or workaround referenced in
Juniper advisory JSA10778.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

Family: Junos Local Security Checks

Nessus Plugin ID: 99525 ()

Bugtraq ID: 97606

CVE ID: CVE-2017-2313

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now