Juniper Junos PIM rpd Crafted Boot Message Remote DoS (PSN-2011-07-296)

medium Nessus Plugin ID 55938

Synopsis

The remote router has a denial of service vulnerability.

Description

According to its self-reported version number, the remote Juniper router is running a version of Junos with a denial of service vulnerability. Sending a specially crafted bootstrap message to the PIM router can cause the rpd routing daemon to crash.
A remote, unauthenticated attacker could exploit this to make the router unresponsive.

According to the vendor's advisory, this issue may be difficult to reliably exploit.

Solution

Apply the relevant Junos upgrade referenced in Juniper advisory PSN-2011-07-296.

See Also

http://www.nessus.org/u?77f709d9

Plugin Details

Severity: Medium

ID: 55938

File Name: juniper_psn-2011-07-296.nasl

Version: 1.9

Type: combined

Published: 8/22/2011

Updated: 8/10/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/model, Host/Juniper/JUNOS/Version

Patch Publication Date: 7/13/2011

Vulnerability Publication Date: 7/13/2011