DoS in NAT Protocol Translation
A hang or repeated crash of the flowd process constitutes an extended denial of service condition for SRX Series devices.
New builds of Junos OS software are available from Juniper. As a workaround disable NAT protocol translation if it is not required.
On SRX Series devices, when NAT protocol translation from IPv4 to IPv6 is enabled, a certain crafted packet may cause the flowd process to hang or crash.
Junos OS 11.4, 12.1X44, 12.1X45 or 12.1X46.
Check the OS build.
Updated on 2015-03-25