PT-2019-2800 · Juniper Networks · Junos

Published

2019-07-10

·

Updated

2020-09-29

·

CVE-2019-0052

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 12.3X48-D85 Junos OS versions prior to 15.1X49-D181 Junos OS versions prior to 15.1X49-D190 Junos OS 17.3 versions Junos OS versions prior to 17.4R1-S8 Junos OS versions prior to 17.4R2-S5 Junos OS versions prior to 17.4R3 Junos OS versions prior to 18.1R3-S6 Junos OS versions prior to 18.2R2-S1 Junos OS versions prior to 18.2R3 Junos OS versions prior to 18.3R1-S2 Junos OS versions prior to 18.3R2 Junos OS versions prior to 18.4R1-S1 Junos OS versions prior to 18.4R2
Description The issue is related to an uncontrolled resource consumption in the srxpfe process of the JunOS operating system. This can be exploited by a remote attacker using a specially crafted fragmented HTTP packet, potentially causing the service gateway to crash. The problem occurs when the UTM module misinterprets the packet as a regular TCP packet, leading to a processor crash. This issue affects SRX Series platforms that support URL-Filtering and have web-filtering enabled.
Recommendations For Junos OS versions prior to 12.3X48-D85, update to 12.3X48-D85 or later. For Junos OS versions prior to 15.1X49-D181, update to 15.1X49-D181 or later. For Junos OS versions prior to 15.1X49-D190, update to 15.1X49-D190 or later. For Junos OS 17.3 versions, update to a later version. For Junos OS versions prior to 17.4R1-S8, update to 17.4R1-S8 or later. For Junos OS versions prior to 17.4R2-S5, update to 17.4R2-S5 or later. For Junos OS versions prior to 17.4R3, update to 17.4R3 or later. For Junos OS versions prior to 18.1R3-S6, update to 18.1R3-S6 or later. For Junos OS versions prior to 18.2R2-S1, update to 18.2R2-S1 or later. For Junos OS versions prior to 18.2R3, update to 18.2R3 or later. For Junos OS versions prior to 18.3R1-S2, update to 18.3R1-S2 or later. For Junos OS versions prior to 18.3R2, update to 18.3R2 or later. For Junos OS versions prior to 18.4R1-S1, update to 18.4R1-S1 or later. For Junos OS versions prior to 18.4R2, update to 18.4R2 or later.

Fix

Resource Exhaustion

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-436CWE-400CWE-404

Related Identifiers

BDU:2019-02755
CVE-2019-0052

Affected Products

Junos