 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.105926 |
| Category: | JunOS Local Security Checks |
| Title: | Juniper Networks Junos OS RSVP DoS Vulnerability (JSA10652) |
| Summary: | Juniper Networks Junos OS is prone to a denial of service (DoS); vulnerability. |
| Description: | Summary: Juniper Networks Junos OS is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Receipt of a crafted or malformed RSVP packet may cause the routing protocol daemon to hang or crash. This issue only occurs during processing of RSVP PATH messages. If RSVP is not enabled on an interface, then the issue cannot be triggered via that interface. Vulnerability Impact: An attacker can cause the routing protocol daemon to hang or crash. When rpd is unavailable, routing updates cannot be processed which can lead to an extended network outage. Affected Software/OS: Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2 with support for RSVP enabled. Solution: New builds of Junos OS software are available from Juniper. As a workaround enable RSVP only on trusted interfaces as required for MPLS. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-6378 BugTraq ID: 70363 http://www.securityfocus.com/bid/70363 http://www.securitytracker.com/id/1031008 XForce ISS Database: juniper-junos-cve20146378-dos(96906) https://exchange.xforce.ibmcloud.com/vulnerabilities/96906 |
| Copyright | Copyright (C) 2014 Greenbone Networks GmbH |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |