Summary
Denial of Service vulnerability due to stack exhaustion in glibc used by Junos
Impact
Local attackers can cause a partial denial of service on services provided by rpd.
Solution
New builds of Junos OS software are available from Juniper.
Insight
A stack consumption vulnerability in the regcomp implementation in the GNU C Library allows an attacker to cause a denial of service via a regular expression containing adjacent repetition operators or adjacent bounded repetitions. Junos uses regular expressions in several places within the CLI.
Affected
Junos OS 10.4, 11.4, 12.1, 12.2, 12.3, 13.1, 13.2, 13.3
Detection
Check the OS build.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-4051, CVE-2010-4052 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities