Juniper Junos BGP UPDATE Malformed ATTR_SET Attribute Remote DoS (PSN-2012-01-472)
Medium Nessus Plugin ID 57637
SynopsisThe remote router has a denial of service vulnerability.
DescriptionAccording to its self-reported version number, the version of Junos running on the remote device has a denial of service vulnerability.
Processing a BGP UPDATE containing a corrupted ATTR_SET attribute can result in an rpd crash.
This issue only affects routers configured for BGP running Junos 10.2 or later that do no thave the 'independent-domain' routing option enabled.
A remote, unauthenticated attacker could exploit this to crash the rpd service.
SolutionApply the relevant Junos upgrade referenced in Juniper advisory PSN-2012-01-472.