Juniper Junos BGP-VPLS Advertisements RPD DoS (JSA10687)
High Nessus Plugin ID 85227
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability due to improper handling of BGP-VPLS advertisements with updated BGP local preference values. A remote attacker can exploit this to crash RDP with a NULL pointer deference exception.
Note that this issue only affects devices with internal BGP and VPLS enabled.
SolutionApply the relevant Junos software release or workaround referenced in Juniper advisory JSA10687.