Junos Flowd Denial Of Service Vulnerability Network Vulnerability

Impact

An attacker can crash the flowd process causing a DoS.

Solution

New builds of Junos OS software are available from Juniper. As a workaround disable ALGs if they are not required or enable flow-based processing for IPv6 traffic.

Insight

On SRX Series devices, when any ALG is enabled, a certain crafted packet may cause the flowd process to crash.

Affected

Junos OS 11.4, 12.1

Detection

Check the OS build.

References

http://kb.juniper.net/JSA10650
http://www.securityfocus.com/bid/70366

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3825

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Junos Multiple Privilege Escalation Vulnerabilities
Junos Kernel Panic Denial of Service Vulnerability
Junos GNU libc GLOB_LIMIT DoS Vulnerability
Junos RSVP Denial of Service Vulnerability
Junos Denial of Service Vulnerability in Flow Daemon

Junos Flowd Denial of Service Vulnerability

Take action and discover your vulnerabilities