CVE-2016-1257

Name of the Vulnerable Software and Affected Versions Junos OS versions 13.2R5 through 13.2R8 Junos OS versions 13.3R1 through 13.3R7 before 13.3R7-S3 Junos OS versions 14.1R1 through 14.1R4 before 14.1R4-S7 Junos OS versions 14.1R3 before 14.1R3-S9 Junos OS versions 14.1X51 before 14.1X51-D65 Junos OS versions 14.1X53 before 14.1X53-D35 Junos OS versions 14.2R1 through 14.2R4 before 14.2R4-S1 Junos OS versions 14.2R3 before 14.2R3-S4 Junos OS version 15.1 before 15.1R3 Junos OS version 15.1F2 before 15.1F2-S2 Junos OS version 15.1X49 before 15.1X49-D40

Description The issue allows remote attackers to cause a denial of service (RPD routing process crash) via a crafted LDP packet when LDP is enabled.

Recommendations For Junos OS versions 13.2R5 through 13.2R8, update to a version after 13.2R8. For Junos OS versions 13.3R1 through 13.3R7 before 13.3R7-S3, update to 13.3R7-S3 or later. For Junos OS versions 14.1R1 through 14.1R4 before 14.1R4-S7, update to 14.1R4-S7 or later. For Junos OS versions 14.1R3 before 14.1R3-S9, update to 14.1R3-S9 or later. For Junos OS versions 14.1X51 before 14.1X51-D65, update to 14.1X51-D65 or later. For Junos OS versions 14.1X53 before 14.1X53-D35, update to 14.1X53-D35 or later. For Junos OS versions 14.2R1 through 14.2R4 before 14.2R4-S1, update to 14.2R4-S1 or later. For Junos OS versions 14.2R3 before 14.2R3-S4, update to 14.2R3-S4 or later. For Junos OS version 15.1 before 15.1R3, update to 15.1R3 or later. For Junos OS version 15.1F2 before 15.1F2-S2, update to 15.1F2-S2 or later. For Junos OS version 15.1X49 before 15.1X49-D40, update to 15.1X49-D40 or later.