Juniper Junos ICMP Ping 'composite next-hop' Remote DoS (PSN-2011-07-297)
High Nessus Plugin ID 55937
SynopsisThe remote router has a denial of service vulnerability.
DescriptionAccording to its self-reported version number, the remote Juniper router is running a version of Junos that is affected by a denial of service vulnerability. Sending an ICMP ping with the record-route or timestamp options can crash an L3VPN PE router with either of the following configurations :
- Point-to-Multipoint LSPs that are used as next hops in configuration of static routes to customers' networks
- The 'l3vpn-composite-nexthop' and 'indirect-next-hop' routing-options are enabled
A remote, unauthenticated attacker could exploit this to crash the router.
SolutionApply the relevant Junos upgrade referenced in Juniper advisory PSN-2011-07-297.