Juniper Junos BGP FlowSpec rpd DoS (JSA10670)
High Nessus Plugin ID 80958
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability due to improperly processing a malformed BGP Flow Specification (FlowSpec) prefix. A remote attacker can exploit this issue to crash the routing process daemon (rpd).
Note that this issue only affects devices with BGP FlowSpec enabled.
SolutionApply the relevant Junos software release or workaround referenced in Juniper advisory JSA10670.