ID de Prueba:	1.3.6.1.4.1.25623.1.0.106020
Categoría:	JunOS Local Security Checks
Título:	Juniper Networks Junos OS mbuf Denial of Service Vulnerability
Resumen:	Junos OS is prone to a DoS vulnerability by mbuf exhaustion.
Descripción:	Summary: Junos OS is prone to a DoS vulnerability by mbuf exhaustion. Vulnerability Insight: When an active TCP connection transitions to LAST_ACK state and the daemon connected to the socket still has more data to send, the socket could get stuck in LAST_ACK state indefinitely, using up finite mbufs and connections. Exploitation of this issue requires establishment of a TCP connection to a listening port on the router. TCP ports protected by ingress and/or control plane firewall filters are not vulnerable to this issue. However, anti-spoofing mechanisms should be employed to protect against malicious attempts to bypass existing firewall filters. Vulnerability Impact: Triggering the condition repeatedly could lead to total mbuf exhaustion, requiring a reboot or switchover of the master RE to resolve. Affected Software/OS: Junos OS 12.1, 12.3, 13.2, 13.3, 14.1 and 14.2 Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5358 NETBSD Security Advisory: NetBSD-SA2015-009 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-009.txt.asc http://www.securitytracker.com/id/1032842 http://www.securitytracker.com/id/1033007 http://www.securitytracker.com/id/1033915
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.