Low Nessus Plugin ID 125773
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a denial of service vulnerability in the Junos OS device configured as a DHCP server in a Broadband Edge (BBE) environment. A remote attacker can exploit it via sending a continuous, specially crafted DHCPv6 message which can result in a repeatedly jdhcpd daemon crash which lead to a denial of service condition as referenced in the JSA10889 advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionApply the relevant Junos software release referenced in Juniper advisory JSA10889