CVE-2018-0034

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 12.3R12-S10 on EX Series Juniper Networks Junos OS versions prior to 12.3X48-D70 on SRX Series Juniper Networks Junos OS versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100 Juniper Networks Junos OS versions prior to 14.1X53-D130 on QFabric Juniper Networks Junos OS versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7 Juniper Networks Junos OS versions prior to 15.1X49-D140 on SRX Series Juniper Networks Junos OS versions prior to 15.1X53-D67 on QFX10000 Series Juniper Networks Junos OS versions prior to 15.1X53-D233 on QFX5110, QFX5200 Juniper Networks Junos OS versions prior to 15.1X53-D471 on NFX 150, NFX 250 Juniper Networks Junos OS versions prior to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7 Juniper Networks Junos OS versions prior to 16.2R2-S5, 16.2R3 Juniper Networks Junos OS versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3 Juniper Networks Junos OS versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3 Juniper Networks Junos OS versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3 Juniper Networks Junos OS versions prior to 17.4R1-S3, 17.4R2

Description: A Denial of Service issue exists in the JDHCPD daemon of Juniper Networks Junos OS, allowing an attacker to crash the daemon by sending a crafted IPv6 packet. This issue affects systems that receive IPv6 DHCP packets and are configured for DHCP processing using the JDHCPD daemon. It does not affect IPv4 DHCP packet processing.

Recommendations: For Juniper Networks Junos OS versions prior to 12.3R12-S10 on EX Series, update to 12.3R12-S10 or later. For Juniper Networks Junos OS versions prior to 12.3X48-D70 on SRX Series, update to 12.3X48-D70 or later. For Juniper Networks Junos OS versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100, update to 14.1X53-D47 or later. For Juniper Networks Junos OS versions prior to 14.1X53-D130 on QFabric, update to 14.1X53-D130 or later. For Juniper Networks Junos OS versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7, update to 15.1R4-S9, 15.1R6-S6, 15.1R7 or later. For Juniper Networks Junos OS versions prior to 15.1X49-D140 on SRX Series, update to 15.1X49-D140 or later. For Juniper Networks Junos OS versions prior to 15.1X53-D67 on QFX10000 Series, update to 15.1X53-D67 or later. For Juniper Networks Junos OS versions prior to 15.1X53-D233 on QFX5110, QFX5200, update to 15.1X53-D233 or later. For Juniper Networks Junos OS versions prior to 15.1X53-D471 on NFX 150, NFX 250, update to 15.1X53-D471 or later. For Juniper Networks Junos OS versions prior to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7, update to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7 or later. For Juniper Networks Junos OS versions prior to 16.2R2-S5, 16.2R3, update to 16.2R2-S5, 16.2R3 or later. For Juniper Networks Junos OS versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3, update to 17.1R1-S7, 17.1R2-S7, 17.1R3 or later. For Juniper Networks Junos OS versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3, update to 17.2R1-S6, 17.2R2-S4, 17.2R3 or later. For Juniper Networks Junos OS versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3, update to 17.3R1-S4, 17.3R2-S2, 17.3R3 or later. For Juniper Networks Junos OS versions prior to 17.4R1-S3, 17.4R2, update to 17.4R1-S3, 17.4R2 or later.