Test ID:	1.3.6.1.4.1.25623.1.0.106753
Category:	JunOS Local Security Checks
Title:	Juniper Networks Junos OS LDP DoS Vulnerability
Summary:	Junos OS is prone to a denial of service (DoS) vulnerability. when receiving crafted;LDP packets.
Description:	Summary: Junos OS is prone to a denial of service (DoS) vulnerability. when receiving crafted LDP packets. Vulnerability Insight: A specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd process. Over time, repeatedly receiving this type of LDP packet(s) will cause the memory to exhaust and the rpd process to crash and restart. It is not possible to free up the memory that has been consumed without restarting the rpd process. This issue affects Junos OS based devices with either IPv4 or IPv6 LDP enabled via the [protocols ldp] configuration. The interface on which the packet arrives needs to have LDP enabled. Vulnerability Impact: An attacker may cause a denial of service condition. Affected Software/OS: Junos OS 13.3, 14.1, 14.2, 15.1 and 16.1 Solution: New builds of Junos OS software are available from Juniper. As a workaround use access lists or firewall filters to limit access to the device via LDP only from trusted networks or hosts, or enable MD5 authentication on all authorized LDP sessions. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2312 BugTraq ID: 97611 http://www.securityfocus.com/bid/97611 http://www.securitytracker.com/id/1038252
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.