Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.105927 |
Categoría: | JunOS Local Security Checks |
Título: | Junos FPC Denial of Service Vulnerability |
Resumen: | JunOS is prone to a Denial of Service Vulnerability. |
Descripción: | Summary: JunOS is prone to a Denial of Service Vulnerability. Vulnerability Insight: Traffic between the RE and transit interfaces is carried over an internal network between the PFEs and REs. Some REs use em interfaces (usually, em0 and em1) to connect to this network. Receipt of a carefully crafted set of fragmented packets, destined to the router, can cause the em driver to become permanently blocked when trying to formulate a reply. Vulnerability Impact: An attacker can cause the RE to be unable to communicate over the private network that connects the FPCs and REs eventually causing all FPCs to go offline and stay offline. Systems with redundant REs will failover, but would then be subject to the same issue. Affected Software/OS: Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2 Solution: New builds of Junos OS software are available from Juniper. As a workaround filter fragmented packets destined to the router. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-6380 BugTraq ID: 70369 http://www.securityfocus.com/bid/70369 http://www.securitytracker.com/id/1031011 XForce ISS Database: juniper-junos-cve20146380-dos(96904) https://exchange.xforce.ibmcloud.com/vulnerabilities/96904 |
Copyright | This script is Copyright (C) 2014 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |