Junos OSPF Protocol Vulnerability Network Vulnerability

Summary

A vulnerability in the OSPF protocol allows a remote attacker to insert, update or delete routes in the OSPF database.

Impact

A remote attacker might re-route traffic, compromise the confidentially of data or cunduct a DoS attack by dropping all traffic.

Solution

New builds of Junos OS software are available from Juniper. Use MD5 authentication when configuring OSPF. MD5 authentication completely mitigates this issue.

Insight

A vulnerability has been discovered in the OSPF (Open Shortest Path First) protocol that allows a remote attacker to insert, update or delete routes in the OSPF database.

Affected

Plattforms running Junos OS before versions 13.1R3, 13.2X50-D10, 12.3R3, 12.2R5, 12.1R7, 12.1X45-D10, 12.1X44-D15, 11.4R8 and 10.4R15

Detection

Check the OS build.

References

http://kb.juniper.net/JSA10582
http://www.kb.cert.org/vuls/id/229804
http://www.securityfocus.com/bid/61566

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0149
CVSS Base Score: 5.8
AV:N/AC:M/Au:N/C:P/I:N/A:P

Related Vulnerabilities

Junos CVE-2004-0468
Junos OSPF Protocol Vulnerability
Junos SSL Session Injection Vulnerability
Junos TCP Packet Processing Denial of Service Vulnerability
Junos J-Web Persistent Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities