Test ID:	1.3.6.1.4.1.25623.1.0.103959
Category:	JunOS Local Security Checks
Title:	Juniper Networks Junos OS OSPF Protocol Vulnerability
Summary:	A vulnerability in the OSPF protocol allows a remote attacker to;insert, update or delete routes in the OSPF database.
Description:	Summary: A vulnerability in the OSPF protocol allows a remote attacker to insert, update or delete routes in the OSPF database. Vulnerability Insight: A vulnerability has been discovered in the OSPF (Open Shortest Path First) protocol that allows a remote attacker to insert, update or delete routes in the OSPF database. Vulnerability Impact: A remote attacker might re-route traffic, compromise the confidentially of data or cunduct a DoS attack by dropping all traffic. Affected Software/OS: Platforms running Junos OS before versions 13.1R3, 13.2X50-D10, 12.3R3, 12.2R5, 12.1R7, 12.1X45-D10, 12.1X44-D15, 11.4R8 and 10.4R15 Solution: New builds of Junos OS software are available from Juniper. Use MD5 authentication when configuring OSPF. MD5 authentication completely mitigates this issue. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0149 CERT/CC vulnerability note: VU#229804 http://www.kb.cert.org/vuls/id/229804 Cisco Security Advisory: 20130801 OSPF LSA Manipulation Vulnerability in Multiple Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.