Summary
Denial of Service vulnerability in flowd while processing valid HTTP traffic.
Impact
Remote attackers can cause a denial of service condition on the device.
Solution
New builds of Junos OS software are available from Juniper.
Insight
On SRX Series services gateways acting as UAC enforcer with captive portal enabled, certain valid HTTP protocol messages may cause the flow daemon process to crash.
Affected
Junos OS 10.4, 11.4, 12.1 and 12.1X44.
Detection
Check the OS build.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-0618 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities