Juniper Junos RTSP Packet Handling flowd DoS (JSA10721)
Medium Nessus Plugin ID 88096
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by denial of service vulnerability due to a flaw in the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) implementation. An unauthenticated, remote attacker can exploit this, via a crafted RTSP packet, to crash the flowd daemon.
SolutionApply the relevant Junos software release referenced in Juniper advisory JSA10721.