CVE-2014-0618

Name of the Vulnerable Software and Affected Versions Juniper Junos versions prior to 10.4R16 Juniper Junos versions prior to 11.4R8 Juniper Junos versions prior to 12.1R7 Juniper Junos versions prior to 12.1X44-D20 Juniper Junos versions prior to 12.1X45-D10

Description The issue allows remote attackers to cause a denial of service via a crafted HTTP message when the Juniper Junos is used as a UAC enforcer and captive portal is enabled, resulting in a flowd crash.

Recommendations For versions prior to 10.4R16, update to 10.4R16 or later. For versions prior to 11.4R8, update to 11.4R8 or later. For versions prior to 12.1R7, update to 12.1R7 or later. For versions prior to 12.1X44-D20, update to 12.1X44-D20 or later. For versions prior to 12.1X45-D10, update to 12.1X45-D10 or later.