Synopsis
The remote router allows traffic redirection.
Description
According to its self-reported version number, the remote Juniper router has a vulnerable Extended DHCP Relay Agent. Any interface which has the Extended DHCP Relay Agent enabled intercepts unicast DHCP reply packets. A remote attacker could exploit this by acting as a malicious DHCP server, sending specially crafted unicast DHCP reply packets through the router.
This could result in traffic being redirected.
Solution
Apply the relevant Junos upgrade referenced in Juniper advisory PSN-2011-07-300.