Juniper Junos PIM rpd Crafted Boot Message Remote DoS (PSN-2011-07-296)

medium Nessus Plugin ID 55938

Language:

Synopsis

The remote router has a denial of service vulnerability.

Description

According to its self-reported version number, the remote Juniper router is running a version of Junos with a denial of service vulnerability. Sending a specially crafted bootstrap message to the PIM router can cause the rpd routing daemon to crash.
A remote, unauthenticated attacker could exploit this to make the router unresponsive.

According to the vendor's advisory, this issue may be difficult to reliably exploit.

Solution

Apply the relevant Junos upgrade referenced in Juniper advisory PSN-2011-07-296.

See Also

http://www.nessus.org/u?77f709d9

Plugin Details

Severity: Medium

ID: 55938

File Name: juniper_psn-2011-07-296.nasl

Version: 1.9

Type: combined

Published: 8/22/2011

Updated: 8/10/2018

Dependencies: junos_version.nasl

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*

Required KB Items: Host/Juniper/model, Host/Juniper/JUNOS/Version

Patch Publication Date: 7/13/2011

Vulnerability Publication Date: 7/13/2011