Rapid7 Vulnerability & Exploit Database

Juniper Junos OS: Crafted TCP packet can lead to kernel crash (JSA10550)

Back to Search

Juniper Junos OS: Crafted TCP packet can lead to kernel crash (JSA10550)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
01/01/2013
Created
07/25/2018
Added
05/07/2014
Modified
05/07/2014

Description

The Junos kernel may crash when a specifically crafted TCP packet is received by the Routing Engine (RE) on a listening TCP port. TCP traffic traversing the device will not trigger this crash. Only TCP packets destined to the device itself, successfully reaching the RE through existing edge and control plane filtering, will be able to cause the crash. This issue can be triggered by both IPv4 and IPv6 TCP packets destined to the RE.

Solution(s)

  • juniper-junos-os-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;