Описание
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service.
This issue affects Junos OS:
- All versions before 21.4R3-S6,
- 22.2 versions before 22.2R3-S3,
- 22.3 versions before 22.3R3-S3,
- 22.4 versions before 22.4R3,
- 23.2 versions before 23.2R2.
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service.
This issue affects Junos OS:
- All versions before 21.4R3-S6,
- 22.2 versions before 22.2R3-S3,
- 22.3 versions before 22.3R3-S3,
- 22.4 versions before 22.4R3,
- 23.2 versions before 23.2R2.
Связанные уязвимости
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection, and DNS-filtering traceoptions are configured, and specific valid transit DNS traffic is received this causes a PFE crash and restart, leading to a Denial of Service. This issue affects Junos OS: * All versions before 21.4R3-S6, * 22.2 versions before 22.2R3-S3, * 22.3 versions before 22.3R3-S3, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2.
Уязвимость модуля Packet Forwarding Engine (PFE) операционной системы Juniper Networks Junos OS устройств серии SRX Series, позволяющая нарушителю вызвать отказ в обслуживании