Junos Flowd Denial Of Service Vulnerability Network Vulnerability

Impact

An attacker can crash the flowd process causing a DoS.

Solution

New builds of Junos OS software are available from Juniper. As a workaround disable ALGs if they are not required or enable flow-based processing for IPv6 traffic.

Insight

On SRX Series devices, when any ALG is enabled, a certain crafted packet may cause the flowd process to crash.

Affected

Junos OS 11.4, 12.1

Detection

Check the OS build.

References

http://kb.juniper.net/JSA10650
http://www.securityfocus.com/bid/70366

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3825
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Junos FPC Denial of Service Vulnerability
Junos PIM Handling DoS Vulnerability
Junos Kernel Panic Denial of Service Vulnerability
Junos RPD Denial of Service Vulnerability
Junos JPPPD Denial of Service Vulnerability

Junos Flowd Denial of Service Vulnerability

Take action and discover your vulnerabilities