BDU:2017-02490

Published: 12 Oct 2016
Source: fstec
CVSS3: 7.5
CVSS2: 7.8
EPSS: Low

Description

A vulnerability in the IPv6 traffic processing service of the Junos operating system is caused by resource management errors. Exploitation of the vulnerability may allow a remote attacker to cause resource exhaustion and a kernel crash by means of specially crafted IPv6 traffic.

Vendor

Juniper Networks Inc.

Software name

JunOS

Software version

14.1 (JunOS)
14.1r1 (JunOS)
14.1r2 (JunOS)
14.1r4 (JunOS)
14.1x53d15 (JunOS)
14.1x53d16 (JunOS)
14.1x53d25 (JunOS)
14.1x53d26 (JunOS)
14.1x53d27 (JunOS)
14.1x53d30 (JunOS)
14.1x53d40 (JunOS)
14.2r1 (JunOS)
14.2r2 (JunOS)
14.2r3 (JunOS)
14.2r4 (JunOS)
14.2r6 (JunOS)
11.4 (JunOS)
11.4r1 (JunOS)
11.4r10 (JunOS)
11.4r11 (JunOS)
11.4r12 (JunOS)
11.4r2 (JunOS)
11.4r3 (JunOS)
11.4r4 (JunOS)
11.4r5 (JunOS)
11.4r6 (JunOS)
11.4r7 (JunOS)
11.4r8 (JunOS)
11.4r9 (JunOS)
11.4r13s2 (JunOS)
12.3 (JunOS)
12.3r1 (JunOS)
12.3r2 (JunOS)
12.3r3 (JunOS)
12.3x48d10 (JunOS)
12.3x48d15 (JunOS)
12.3x48d25 (JunOS)
13.3 (JunOS)
13.3r1 (JunOS)
13.3r2 (JunOS)
13.3r2-s2 (JunOS)
13.3r3 (JunOS)
13.3r4 (JunOS)
13.3r5 (JunOS)
13.3r6 (JunOS)
13.3r7 (JunOS)
13.3r8 (JunOS)
14.1x55 (JunOS)
15.1f1 (JunOS)
15.1f2 (JunOS)
15.1x49d10 (JunOS)
15.1x49d20 (JunOS)
15.1x49d30 (JunOS)
15.1x49d35 (JunOS)
15.1x53d20 (JunOS)
15.1x53d21 (JunOS)
15.1x53d25 (JunOS)
15.1x53d30 (JunOS)
15.1x53d32 (JunOS)
15.1x53d33 (JunOS)
15.1x53d34 (JunOS)
15.1x53d50 (JunOS)
15.1x53d51 (JunOS)
15.1x53d52 (JunOS)
15.1x53d55 (JunOS)
13.3r4-s11 (JunOS)
13.3r9 (JunOS)
14.1r8 (JunOS)
15.1f5 (JunOS)
15.1f6 (JunOS)
15.1r3 (JunOS)

Software type

Operating system

Operating systems and hardware platforms

Juniper Networks Inc. JunOS 14.1
Juniper Networks Inc. JunOS 14.1r1
Juniper Networks Inc. JunOS 14.1r2
Juniper Networks Inc. JunOS 14.1r4
Juniper Networks Inc. JunOS 14.1x53d15
Juniper Networks Inc. JunOS 14.1x53d16
Juniper Networks Inc. JunOS 14.1x53d25
Juniper Networks Inc. JunOS 14.1x53d26
Juniper Networks Inc. JunOS 14.1x53d27
Juniper Networks Inc. JunOS 14.1x53d30
Juniper Networks Inc. JunOS 14.1x53d40
Juniper Networks Inc. JunOS 14.2r1
Juniper Networks Inc. JunOS 14.2r2
Juniper Networks Inc. JunOS 14.2r3
Juniper Networks Inc. JunOS 14.2r4
Juniper Networks Inc. JunOS 14.2r6
Juniper Networks Inc. JunOS 11.4
Juniper Networks Inc. JunOS 11.4r1
Juniper Networks Inc. JunOS 11.4r10
Juniper Networks Inc. JunOS 11.4r11
Juniper Networks Inc. JunOS 11.4r12
Juniper Networks Inc. JunOS 11.4r2
Juniper Networks Inc. JunOS 11.4r3
Juniper Networks Inc. JunOS 11.4r4
Juniper Networks Inc. JunOS 11.4r5
Juniper Networks Inc. JunOS 11.4r6
Juniper Networks Inc. JunOS 11.4r7
Juniper Networks Inc. JunOS 11.4r8
Juniper Networks Inc. JunOS 11.4r9
Juniper Networks Inc. JunOS 11.4r13s2
Juniper Networks Inc. JunOS 12.3
Juniper Networks Inc. JunOS 12.3r1
Juniper Networks Inc. JunOS 12.3r2
Juniper Networks Inc. JunOS 12.3r3
Juniper Networks Inc. JunOS 12.3x48d10
Juniper Networks Inc. JunOS 12.3x48d15
Juniper Networks Inc. JunOS 12.3x48d25
Juniper Networks Inc. JunOS 13.3
Juniper Networks Inc. JunOS 13.3r1
Juniper Networks Inc. JunOS 13.3r2
Juniper Networks Inc. JunOS 13.3r2-s2
Juniper Networks Inc. JunOS 13.3r3
Juniper Networks Inc. JunOS 13.3r4
Juniper Networks Inc. JunOS 13.3r5
Juniper Networks Inc. JunOS 13.3r6
Juniper Networks Inc. JunOS 13.3r7
Juniper Networks Inc. JunOS 13.3r8
Juniper Networks Inc. JunOS 14.1x55
Juniper Networks Inc. JunOS 15.1f1
Juniper Networks Inc. JunOS 15.1f2
Juniper Networks Inc. JunOS 15.1x49d10
Juniper Networks Inc. JunOS 15.1x49d20
Juniper Networks Inc. JunOS 15.1x49d30
Juniper Networks Inc. JunOS 15.1x49d35
Juniper Networks Inc. JunOS 15.1x53d20
Juniper Networks Inc. JunOS 15.1x53d21
Juniper Networks Inc. JunOS 15.1x53d25
Juniper Networks Inc. JunOS 15.1x53d30
Juniper Networks Inc. JunOS 15.1x53d32
Juniper Networks Inc. JunOS 15.1x53d33
Juniper Networks Inc. JunOS 15.1x53d34
Juniper Networks Inc. JunOS 15.1x53d50
Juniper Networks Inc. JunOS 15.1x53d51
Juniper Networks Inc. JunOS 15.1x53d52
Juniper Networks Inc. JunOS 15.1x53d55
Juniper Networks Inc. JunOS 13.3r4-s11
Juniper Networks Inc. JunOS 13.3r9
Juniper Networks Inc. JunOS 14.1r8
Juniper Networks Inc. JunOS 15.1f5
Juniper Networks Inc. JunOS 15.1f6
Juniper Networks Inc. JunOS 15.1r3

Vulnerability severity level

High severity (CVSS 2.0 base score is 7.8)
High severity (CVSS 3.0 base score is 7.5)

Possible remediation measures

Follow the recommendations: https://kb.juniper.net/JSA10762

Vulnerability status

Confirmed by the vendor

Exploit availability

Information is being clarified

Remediation information

Vulnerability fixed

Identifiers in other vulnerability description systems

EPSS: 0.01351 (percentile: 80%, Low)
CVSS3: 7.5 High
CVSS2: 7.8 High

Related vulnerabilities

CVSS3: 7.5
nvd
more than 8 years ago

By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for legitimate traffic. In extreme cases, the crafted IPv6 traffic may result in a total resource exhaustion and kernel panic. The issue is triggered by traffic destined to the router. Transit traffic does not trigger the vulnerability. This issue only affects devices with IPv6 enabled and configured. Devices not configured to process IPv6 traffic are unaffected by this vulnerability. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. Affected releases are Juniper Networks Junos OS 11.4 prior to 11.4R13-S3; 12.3 prior to 12.3R3-S4; 12.3X48 prior to 12.3X48-D30; 13.3 prior to 13.3R10, 13.3R4-S11; 14.1 prior to 14.1R2-S8, 14.1R4-S12, 14.1R8; 14.1X53 prior to 14.1X53-D28, 14.1X53-D40; 14.1X55 prior to 14.1X55-D35;

CVSS3: 7.5
github
more than 3 years ago

By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for legitimate traffic. In extreme cases, the crafted IPv6 traffic may result in a total resource exhaustion and kernel panic. The issue is triggered by traffic destined to the router. Transit traffic does not trigger the vulnerability. This issue only affects devices with IPv6 enabled and configured. Devices not configured to process IPv6 traffic are unaffected by this vulnerability. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. Affected releases are Juniper Networks Junos OS 11.4 prior to 11.4R13-S3; 12.3 prior to 12.3R3-S4; 12.3X48 prior to 12.3X48-D30; 13.3 prior to 13.3R10, 13.3R4-S11; 14.1 prior to 14.1R2-S8, 14.1R4-S12, 14.1R8; 14.1X53 prior to 14.1X53-D28, 14.1X53-D40; 14.1X55 prior to 14.1X55-D3...
