CVE-2015-5359

Name of the Vulnerable Software and Affected Versions Juniper Junos OS versions 12.1X44 before 12.1X44-D50 Juniper Junos OS versions 12.1X46 before 12.1X46-D35 Juniper Junos OS versions 12.1X47 before 12.1X47-D25 Juniper Junos OS versions 12.3 before 12.3R9 Juniper Junos OS versions 12.3X48 before 12.3X48-D10 Juniper Junos OS versions 13.2 before 13.2R7 Juniper Junos OS versions 13.3 before 13.3R5 Juniper Junos OS versions 14.1R3 before 14.1R3-S2 Juniper Junos OS versions 14.1 before 14.1R4 Juniper Junos OS versions 14.2 before 14.2R2 Juniper Junos OS versions 15.1 before 15.1R1

Description The issue allows remote attackers to cause a denial of service via a large number of BGP-VPLS advertisements with updated BGP local preference values, resulting in a NULL pointer dereference and RDP crash.

Recommendations For Juniper Junos OS versions 12.1X44 before 12.1X44-D50, update to version 12.1X44-D50 or later. For Juniper Junos OS versions 12.1X46 before 12.1X46-D35, update to version 12.1X46-D35 or later. For Juniper Junos OS versions 12.1X47 before 12.1X47-D25, update to version 12.1X47-D25 or later. For Juniper Junos OS versions 12.3 before 12.3R9, update to version 12.3R9 or later. For Juniper Junos OS versions 12.3X48 before 12.3X48-D10, update to version 12.3X48-D10 or later. For Juniper Junos OS versions 13.2 before 13.2R7, update to version 13.2R7 or later. For Juniper Junos OS versions 13.3 before 13.3R5, update to version 13.3R5 or later. For Juniper Junos OS versions 14.1R3 before 14.1R3-S2, update to version 14.1R3-S2 or later. For Juniper Junos OS versions 14.1 before 14.1R4, update to version 14.1R4 or later. For Juniper Junos OS versions 14.2 before 14.2R2, update to version 14.2R2 or later. For Juniper Junos OS versions 15.1 before 15.1R1, update to version 15.1R1 or later.