Juniper Junos Next-Gen MVPN Senario Malformed Message Handling Remote DoS (PSN-2011-10-391)
High Nessus Plugin ID 56770
SynopsisThe remote router has a denial of service vulnerability.
DescriptionAccording to its self-reported version number, the remote Juniper router has a denial of service vulnerability. In a Next Generation MVPN scenario, a kernel memory buffer could get corrupted when the router receives a bootstrap or auto-RP message larger than 204 bytes, causing the kernel to crash every time a packet is received.
This issue only occurs in Next-Gen MVPN scenarios that use Ingress Replication as the P-tunnel type and has Auto-RP or Bootstrap as the group-to-RP mapping mechanism.
SolutionApply the relevant Junos upgrade referenced in Juniper advisory PSN-2011-10-391.