Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.106020
Categoría:JunOS Local Security Checks
Título:Junos mbuf Denial of Service Vulnerability
Resumen:Junos OS is prone to a DoS vulnerability by mbuf exhaustion.
Descripción:Summary:
Junos OS is prone to a DoS vulnerability by mbuf exhaustion.

Vulnerability Insight:
When an active TCP connection transitions to LAST_ACK state and
the daemon connected to the socket still has more data to send, the socket could get stuck in LAST_ACK
state indefinitely, using up finite mbufs and connections. Exploitation of this issue requires establishment
of a TCP connection to a listening port on the router. TCP ports protected by ingress and/or control plane
firewall filters are not vulnerable to this issue. However, anti-spoofing mechanisms should be employed
to protect against malicious attempts to bypass existing firewall filters.

Vulnerability Impact:
Triggering the condition repeatedly could lead to total mbuf exhaustion,
requiring a reboot or switchover of the master RE to resolve.

Affected Software/OS:
Junos OS 12.1, 12.3, 13.2, 13.3, 14.1 and 14.2

Solution:
New builds of Junos OS software are available from Juniper.

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-5358
NETBSD Security Advisory: NetBSD-SA2015-009
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-009.txt.asc
http://www.securitytracker.com/id/1032842
http://www.securitytracker.com/id/1033007
http://www.securitytracker.com/id/1033915
CopyrightThis script is Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.