Junos IPv6 To IPv4 Translating Denial Of Service Vulnerability Network Vulnerability

Summary

DoS when translating from IPv6 to IPv4.

Impact

Unauthenticated attackers can cause a DoS condition by repeatedly exploiting this vulnerability.

Solution

New builds of Junos OS software are available from Juniper. As a workaround disable NAT translation from IPv6 to IPv4 if not required.

Insight

A denial of service (DoS) issue has been discovered in Juniper SRX Series products that can be exploited by remote unauthenticated attackers. This issue takes place when a certain malformed packet is translated from IPv6 to IPv4. When this malformed packet is sent to a vulnerable SRX Series device, the flowd process may crash.

Affected

Junos OS 11.4, 12.1, 12.1X44, 12.1X45 and 12.1X46.

Detection

Check the OS build.

References

http://kb.juniper.net/JSA10641

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3822

CVSS	Base Score: 5.4 AV:N/AC:H/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Junos IPv6 to IPv4 Translating Denial of Service Vulnerability
Junos CSRF Protection Bypass Vulnerability in J-Web
Junos Privilege Escalation Vulnerability
Junos TCP Packet Processing Denial of Service Vulnerability
Junos RDP Crash Vulnerability

Take action and discover your vulnerabilities