Junos Kernel Panic Denial Of Service Vulnerability Network Vulnerability

Summary

Denial of Service Vulnerability through crafted IGMP packets.

Impact

Remote attackers can cause the kernel to crash resulting in a Denial of Service condition.

Solution

New builds of Junos OS software are available from Juniper. As a workaround disable PIM if not required or if fxp0 is unused, disable the external management interface.

Insight

Reception of a very high rate of crafted IGMP packets may cause the Junos kernel to crash. The contents of the valid IGMP packets must be specifically crafted to trigger the crash, while maintaining a transmit rate exceeding approximately 1000 packets per second. PIM must also be enabled to trigger this crash.

Affected

Junos OS 13.2 and 13.3.

References

http://kb.juniper.net/JSA10618
http://www.securityfocus.com/bid/66762

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0614
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Junos RADIUS Uninteded Authentication Vulnerability
Junos Denial of Service Vulnerability in Flow Daemon
Junos J-Web Sajax Remote Code Execution Vulnerability
Junos JPPPD Denial of Service Vulnerability
Junos PIM Handling DoS Vulnerability

Junos Kernel Panic Denial of Service Vulnerability

Take action and discover your vulnerabilities