PT-2014-5525 · Juniper Networks · Junos
Published 2014-10-14 · Updated 2015-11-05 · CVE-2014-3818
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Juniper Junos OS versions 9.1 through 11.4 before 11.4R11
Juniper Junos OS versions 12.1 before R10
Juniper Junos OS versions 12.1X44 before D40
Juniper Junos OS versions 12.1X46 before D30
Juniper Junos OS versions 12.1X47 before D11 and 12.147-D15
Juniper Junos OS versions 12.1X48 before D41 and D62
Juniper Junos OS versions 12.2 before R8
Juniper Junos OS versions 12.2X50 before D70
Juniper Junos OS versions 12.3 before R6
Juniper Junos OS versions 13.1 before R4-S2
Juniper Junos OS versions 13.1X49 before D49
Juniper Junos OS versions 13.1X50 before 30
Juniper Junos OS versions 13.2 before R4
Juniper Junos OS versions 13.2X50 before D20
Juniper Junos OS versions 13.2X51 before D25
Juniper Junos OS versions 13.2X52 before D15
Juniper Junos OS versions 13.3 before R2
Juniper Junos OS versions 14.1 before R1
Description
The issue allows remote attackers to cause a denial of service (memory corruption followed by a crash and restart of the rpd routing process) via crafted transitive attributes in a BGP UPDATE. The device is affected when it supports 4-byte AS numbers and a BGP peer does not.
Recommendations
For Juniper Junos OS versions 9.1 through 11.4 before 11.4R11, update to version 11.4R11 or later.
For Juniper Junos OS versions 12.1 before R10, update to version 12.1R10 or later.
For Juniper Junos OS versions 12.1X44 before D40, update to version 12.1X44D40 or later.
For Juniper Junos OS versions 12.1X46 before D30, update to version 12.1X46D30 or later.
For Juniper Junos OS versions 12.1X47 before D11 and 12.147-D15, update to version 12.1X47D11 or 12.147D15 or later.
For Juniper Junos OS versions 12.1X48 before D41 and D62, update to version 12.1X48D41 or D62 or later.
For Juniper Junos OS versions 12.2 before R8, update to version 12.2R8 or later.
For Juniper Junos OS versions 12.2X50 before D70, update to version 12.2X50D70 or later.
For Juniper Junos OS versions 12.3 before R6, update to version 12.3R6 or later.
For Juniper Junos OS versions 13.1 before R4-S2, update to version 13.1R4-S2 or later.
For Juniper Junos OS versions 13.1X49 before D49, update to version 13.1X49D49 or later.
For Juniper Junos OS versions 13.1X50 before 30, update to version 13.1X50-30 or later.
For Juniper Junos OS versions 13.2 before R4, update to version 13.2R4 or later.
For Juniper Junos OS versions 13.2X50 before D20, update to version 13.2X50D20 or later.
For Juniper Junos OS versions 13.2X51 before D25, update to version 13.2X51D25 or later.
For Juniper Junos OS versions 13.2X52 before D15, update to version 13.2X52D15 or later.
For Juniper Junos OS versions 13.3 before R2, update to version 13.3R2 or later.
For Juniper Junos OS versions 14.1 before R1, update to version 14.1R1 or later.
Fix
DoS
Buffer Overflow
Affected Products
Junos