Juniper Junos MX Series BBE Routers jpppd Remote DoS (JSA10665)
High Nessus Plugin ID 80953
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability in the Juniper PPP daemon (jpppd). A remote attacker can exploit this issue by sending a specially crafted PAP Authenticate-Request after successful negotiation of the PPPoE Discovery and LCP phase, resulting in the PPP daemon crashing.
Note that this issue only affects MX series routers deployed as a broadband edge (BBE) router.
SolutionApply the relevant Junos software release or workaround referenced in Juniper advisory JSA10665.