CVE-2014-6385

Name of the Vulnerable Software and Affected Versions Juniper Junos versions 11.4 through 11.4R13 Juniper Junos versions 12.1X44 through 12.1X44-D45 Juniper Junos versions 12.1X46 through 12.1X46-D30 Juniper Junos versions 12.1X47 through 12.1X47-D15 Juniper Junos versions 12.2 through 12.2R9 Juniper Junos versions 12.3R7 through 12.3R7-S1 Juniper Junos versions 12.3 through 12.3R8 Juniper Junos versions 13.1 through 13.1R5 Juniper Junos versions 13.2 through 13.2R6 Juniper Junos versions 13.3 through 13.3R4 Juniper Junos versions 14.1 through 14.1R2 Juniper Junos versions 14.2 through 14.2R1

Description The issue allows remote attackers to cause a denial of service, resulting in a kernel crash and restart, via a crafted fragmented OSPFv3 packet with an IPsec Authentication Header (AH).

Recommendations For Juniper Junos versions 11.4 through 11.4R13, update to version 11.4R13 or later. For Juniper Junos versions 12.1X44 through 12.1X44-D45, update to version 12.1X44-D45 or later. For Juniper Junos versions 12.1X46 through 12.1X46-D30, update to version 12.1X46-D30 or later. For Juniper Junos versions 12.1X47 through 12.1X47-D15, update to version 12.1X47-D15 or later. For Juniper Junos versions 12.2 through 12.2R9, update to version 12.2R9 or later. For Juniper Junos versions 12.3R7 through 12.3R7-S1, update to version 12.3R7-S1 or later. For Juniper Junos versions 12.3 through 12.3R8, update to version 12.3R8 or later. For Juniper Junos versions 13.1 through 13.1R5, update to version 13.1R5 or later. For Juniper Junos versions 13.2 through 13.2R6, update to version 13.2R6 or later. For Juniper Junos versions 13.3 through 13.3R4, update to version 13.3R4 or later. For Juniper Junos versions 14.1 through 14.1R2, update to version 14.1R2 or later. For Juniper Junos versions 14.2 through 14.2R1, update to version 14.2R1 or later.