Juniper Junos Protocol Daemon (RPD) BGP OPEN Message Handling DoS (JSA10779)
High Nessus Plugin ID 102700
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number and configuration, the remote Juniper Junos device is affected by a denial of service vulnerability in the routing protocol daemon (rpd) due to improper handling of BGP OPEN messages. An unauthenticated, remote attacker can exploit this, via a specially crafted BGP OPEN message, to repeatedly crash and restart the rpd daemon.
SolutionUpgrade to the relevant Junos software release referenced in Juniper security advisory JSA10779.