Juniper Junos SRX Series flowd Remote DoS (JSA10611)
High Nessus Plugin ID 72000
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos SRX series device is affected by a denial of service vulnerability in the flow daemon (flowd) when handling certain valid HTTP protocol messages. A remote attacker can exploit this to crash the device.
Note that this issue only affects devices configured as a Unified Access Control (UAC) enforcer in a UAC network with Captive Portal authentication enabled.
SolutionApply the relevant Junos software release or workaround referenced in Juniper advisory JSA10611.