PT-2013-5956 · Juniper Networks · Junos
Published
2013-10-17
·
Updated
2014-01-08
·
CVE-2013-6170
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Juniper Junos versions 10.0 before 10.0S28
Juniper Junos versions 10.4 before 10.4R7
Juniper Junos versions 11.1 before 11.1R5
Juniper Junos versions 11.2 before 11.2R2
Juniper Junos versions 11.4 before 11.4R1
Description
The issue allows remote attackers to cause a denial of service, resulting in the RPD routing daemon crash, by sending a large number of crafted PIM (S,G) join requests in a Next-Generation Multicast VPN (NGEN MVPN) environment.
Recommendations
For Juniper Junos versions 10.0 before 10.0S28, update to version 10.0S28 or later.
For Juniper Junos versions 10.4 before 10.4R7, update to version 10.4R7 or later.
For Juniper Junos versions 11.1 before 11.1R5, update to version 11.1R5 or later.
For Juniper Junos versions 11.2 before 11.2R2, update to version 11.2R2 or later.
For Juniper Junos versions 11.4 before 11.4R1, update to version 11.4R1 or later.
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos