PT-2018-2499 · Juniper Networks · Junos

Published: 2018-07-11 · Updated: 2019-10-09 · CVE-2018-0032

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Junos OS versions prior to 16.1X65-D47
Junos OS versions prior to 17.2X75-D91
Junos OS versions prior to 17.2X75-D110
Junos OS versions prior to 17.3R1-S4
Junos OS versions prior to 17.3R2
Junos OS versions prior to 17.4R1-S3
Junos OS versions prior to 17.4R2

Description

The issue is related to insufficient input validation in the Junos operating system. Exploitation of this issue can allow an attacker to cause a denial of service. Specifically, the receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart. Repeated receipt of the same crafted BGP UPDATE can result in an extended denial of service condition for the device.

Recommendations

For Junos OS versions prior to 16.1X65-D47, update to version 16.1X65-D47 or later.
For Junos OS versions prior to 17.2X75-D91, update to version 17.2X75-D91 or later.
For Junos OS versions prior to 17.2X75-D110, update to version 17.2X75-D110 or later.
For Junos OS versions prior to 17.3R1-S4, update to version 17.3R1-S4 or later.
For Junos OS versions prior to 17.3R2, update to version 17.3R2 or later.
For Junos OS versions prior to 17.4R1-S3, update to version 17.4R1-S3 or later.
For Junos OS versions prior to 17.4R2, update to version 17.4R2 or later.

Fix

DoS

RCE


Weakness Enumeration

Related Identifiers

BDU:2019-00827
CVE-2018-0032

Affected Products

Junos