Junos GNU Libc GLOB_LIMIT DoS Vulnerability Network Vulnerability

Summary

Remote authenticated users can cause a partial denial of service via crafted glob expressions.

Impact

Attacks against Junos OS with FTP services enabled can cause a partial DoS.

Solution

New builds of Junos OS software are available from Juniper. As a workaround ACLs or firewall filters to limit FTP access to the router only from trusted hosts.

Insight

The glob implementation in libc allows authenticated remote users to cause a denial of service via crafted glob expressions that do not match any pathnames.

Affected

Plattforms running Junos OS 10.4, 11.4, 12.1, 12.2, 12.3, 13.1.

Detection

Check the OS build.

References

http://kb.juniper.net/JSA10598
http://www.securityfocus.com/bid/43819

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2632

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Junos BGP UPDATE Denial of Service Vulnerability
Junos Multiple Privilege Escalation Vulnerabilities in Junos CLI
Junos RSVP Denial of Service Vulnerability
Junos Denial of Service Vulnerability while Processing HTTP Traffic
Junos PIM Handling DoS Vulnerability

Junos GNU libc GLOB_LIMIT DoS Vulnerability

Take action and discover your vulnerabilities