Junos SIP ALG Denial Of Service Vulnerability Network Vulnerability

Summary

DoS on SRX devices when SIP ALG is enabled

Impact

Repeated crashes of the flowd process constitutes an extended denial of service condition for the SRX Series device.

Solution

New builds of Junos OS software are available from Juniper. As a workaround disable SIP ALG or enable flow-based processing for IPv6 traffic.

Insight

On SRX Series devices, when SIP ALG is enabled, a certain crafted SIP packet may cause the flowd process to crash. SIP ALG is enabled by default on SRX Series devices except for SRX-HE devices. SRX-HE devices have SIP ALG disabled by default. The status of ALGs can beobtained by executing the 'show security alg status' CLI command.

Affected

Junos OS 12.1X46 and 12.1X47

Detection

Check the OS build.

References

http://kb.juniper.net/JSA10633

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3815
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Junos Denial of Service Vulnerability in Flow Daemon
Junos J-Web Sajax Remote Code Execution Vulnerability
Junos GNU libc GLOB_LIMIT DoS Vulnerability
Junos Web Filtering Denial of Service Vulnerability
Junos BGP FlowSpec Denial of Service Vulnerability

Junos SIP ALG Denial of Service Vulnerability

Take action and discover your vulnerabilities