Rapid7 Vulnerability & Exploit Database

Juniper Junos OS: RPD crash when receiving BGP UPDATE with malformed inetflow prefix (JSA10538)

Severity: 4
CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published: 10/01/2012
Created: 07/25/2018
Added: 05/07/2014
Modified: 05/07/2014

Description

Receipt of a BGP UPDATE message containing a crafted flow specification NLRI (RFC 5575) may cause RPD to crash. The update creates an invalid inetflow prefix, which causes the RPD process to allocate memory until it reaches its assigned memory limit. After trying to exceed the process memory limit, RPD will crash and restart. The system recovers after the crash; however, a constant stream of malformed updates could cause an extended outage.

Solution(s)

  • juniper-junos-os-upgrade-latest
