PT-2015-3851 · Juniper Networks · Mx Series+1
Publicado
2015-01-16
·
Atualizado
2015-02-04
·
CVE-2014-6382
CVSS v2.0
7.1
Alta
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Juniper MX Series routers with Junos versions 13.3R3 through 13.3Rx before 13.3R6
Juniper MX Series routers with Junos versions 14.1 before 14.1R4
Juniper MX Series routers with Junos versions 14.1X50 before 14.1X50-D70
Juniper MX Series routers with Junos versions 14.2 before 14.2R2
Description
The issue allows remote attackers to cause a denial of service by sending a crafted PAP Authenticate-Request after the PPPoE Discovery and LCP phase are complete, resulting in a jpppd crash and restart.
Recommendations
For Juniper MX Series routers with Junos versions 13.3R3 through 13.3Rx before 13.3R6, update to version 13.3R6 or later.
For Juniper MX Series routers with Junos versions 14.1 before 14.1R4, update to version 14.1R4 or later.
For Juniper MX Series routers with Junos versions 14.1X50 before 14.1X50-D70, update to version 14.1X50-D70 or later.
For Juniper MX Series routers with Junos versions 14.2 before 14.2R2, update to version 14.2R2 or later.
Correção
DoS
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Junos
Mx Series