PT-2019-3480 · Juniper Networks · Junos

Published: 2019-10-09 · Updated: 2021-10-28 · CVE-2019-0056

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Junos OS versions prior to 18.1R2-S4, 18.1R3-S5
Junos OS version 18.1X75-D10 and later versions
Junos OS versions prior to 18.2R1-S5, 18.2R2-S3, 18.2R3
Junos OS versions prior to 18.2X75-D50
Junos OS versions prior to 18.3R1-S4, 18.3R2, 18.3R3
Junos OS versions prior to 18.4R1-S2, 18.4R2

Description

The issue exists due to insufficient input validation in the OSPF protocol implementation. An attacker can exploit this to cause a Denial of Service (DoS) by sending a large number of specific IPv6 packets, causing the OSPF states to transition to Down. This affects all IPv4 and IPv6 traffic served by the OSPF routes. The attack requires multiple MPC10s installed in a single chassis with OSPF enabled and configured.

Recommendations

For Junos OS versions prior to 18.1R2-S4, 18.1R3-S5, update to 18.1R2-S4 or 18.1R3-S5 or later.
For Junos OS version 18.1X75-D10 and later versions, consider disabling OSPF until a patch is available.
For Junos OS versions prior to 18.2R1-S5, 18.2R2-S3, 18.2R3, update to 18.2R1-S5, 18.2R2-S3, or 18.2R3 or later.
For Junos OS versions prior to 18.2X75-D50, update to 18.2X75-D50 or later.
For Junos OS versions prior to 18.3R1-S4, 18.3R2, 18.3R3, update to 18.3R1-S4, 18.3R2, or 18.3R3 or later.
For Junos OS versions prior to 18.4R1-S2, 18.4R2, update to 18.4R1-S2 or 18.4R2 or later.

Fix

DoS

RCE

Weakness Enumeration

Related identifiers

BDU:2019-03655
CVE-2019-0056

Affected products

Junos