Juniper Junos CLI libc recomp() rpd DoS (JSA10612)
Low Nessus Plugin ID 72001
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability in the regcomp implementation of the GNU C Library used in the command-line interpreter (CLI). A attacker can exploit this vulnerability to crash the RE by using a crafted regular expression containing adjacent repetition operators or adjacent bounded repetitions.
SolutionApply the relevant Junos upgrade referenced in Juniper advisory JSA10612.