Juniper ScreenOS 6.3 < 6.3.0r17 DoS

High Nessus Plugin ID 74149


The remote host is affected by a denial of service vulnerability.


The remote host is running a version of Juniper ScreenOS 6.3 prior to 6.3.0r17. It is, therefore, affected by a denial of service vulnerability due to a failure to properly handle SSL/TLS protocol packets.

A remote, unauthenticated attacker could potentially exploit this vulnerability by sending malformed SSL/TLS packets to cause a firewall crash or failover. Repeated exploitation can result in an extended denial of service condition.


Upgrade to 6.3.0r17 or later.

See Also

Plugin Details

Severity: High

ID: 74149

File Name: screenos_JSA10624.nasl

Version: $Revision: 1.4 $

Type: local

Family: Firewalls

Published: 2014/05/23

Modified: 2015/11/01

Dependencies: 74148

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:screenos

Required KB Items: Host/Juniper/ScreenOS/display_version, Host/Juniper/ScreenOS/version, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2014/04/15

Reference Information

CVE: CVE-2014-2842

BID: 66802

OSVDB: 105783

CERT: 480428