Juniper Junos jdhcpd crash denial of service (JSA10926)
Medium Nessus Plugin ID 124193
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability in the jdhcpd daemon due to failure to handle exceptional conditions. An unauthenticated, remote attacker can exploit this, via continuously sending a certain DHCPv6 solicit message to the jdhcpd daemon to cause the jdhcpd process to stop responding.
SolutionApply the relevant Junos software release referenced in Juniper advisory JSA10926