Summary
A large number of crafted PIM join messages can crash the RPD routing daemon.
Impact
Once a large amount of these PIM joins are received by the router, RPD crashes and restarts.
Solution
New builds of Junos OS software are available from Juniper. As a workaround ACLs or firewall filters to limit PIM access to the router only from trusted hosts.
Insight
Receipt of a large number of crafted IPv4 or IPv6 PIM join messages in a Next-Generation Multicast VPN (NGEN MVPN) environment can trigger the RPD routing daemon to crash.
Affected
Junos OS 10.0 or later but only applies to PIM in an NGEN MVPN environment.
Detection
Check the OS build.
References
Severity
Classification
-
CVE CVE-2013-6170 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities