Juniper Junos Invalid Ether-type DoS (PSN-2013-04-916)

Medium Nessus Plugin ID 66514


The remote device is missing a vendor-supplied security patch.


According to its self-reported version number, the remote Junos device has a denial of service vulnerability. Receiving Ethernet packets with an invalid Ether-type can cause congestion on routers with line cards installed using Ichip-based FPCs and DPCs. An unauthenticated attacker on the same subnet could exploit this, causing the router to drop valid protocol traffic.


Apply the relevant Junos upgrade referenced in Juniper advisory PSN-2013-04-916.

See Also

Plugin Details

Severity: Medium

ID: 66514

File Name: juniper_psn-2013-04-916.nasl

Version: $Revision: 1.8 $

Type: combined

Published: 2013/05/20

Modified: 2013/10/18

Dependencies: 55932

Risk Information

Risk Factor: Medium


Base Score: 6.1

Temporal Score: 4.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/model, Host/Juniper/JUNOS/Version, Host/Juniper/JUNOS/BuildDate

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/04/09

Vulnerability Publication Date: 2013/04/09

Reference Information

BID: 60014

OSVDB: 92222