Impact
An attacker can cause the routing protocol daemon (rpd) to hang or crash. When rpd is unavailable, routing updates cannot be processed, which can lead to an extended network outage.
Solution
New builds of Junos OS software are available from Juniper. As a workaround, enable RSVP only on trusted interfaces as required for MPLS.
Insight
Receipt of a crafted or malformed RSVP packet may cause the routing protocol daemon to hang or crash. This issue only occurs during processing of RSVP PATH messages.
If RSVP is not enabled on an interface, then the issue cannot be triggered via that interface.
Affected
Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2 with support for RSVP enabled.
Detection
Check the OS build.
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2014-6378
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C