
Test ID: 1.3.6.1.4.1.25623.1.0.105912
Category: JunOS Local Security Checks
Title: Junos RPD Crash Vulnerability
Summary: RPD crash when receiving BGP UPDATE with malformed inetflow prefix.
Description:
Summary:
RPD crash when receiving BGP UPDATE with malformed inetflow prefix.

Vulnerability Insight:
Receipt of a BGP UPDATE message containing a crafted flow specification
NLRI may cause RPD to crash. The update creates an invalid inetflow prefix which causes the RPD process
to allocate memory until it reaches its assigned memory limit.

Vulnerability Impact:
After trying to exceed the process memory limit, RPD will crash and
restart. The system recovers after the crash; however, a constant stream of malformed updates could cause
an extended outage.

Affected Software/OS:
Junos OS 10.0, 10.4, 11.4, 12.1 and 12.2.

Solution:
New builds of Junos OS software are available from Juniper. As a
workaround, disable the propagation of flow-specification NLRI messages via BGP by removing the flow
configuration option from protocols bgp ... family inet.

CVSS Score:
6.3

CVSS Vector:
AV:N/AC:M/Au:S/C:N/I:N/A:C

Copyright: This script is Copyright (C) 2014 Greenbone Networks GmbH
