Vulnerabilities > CVE-2014-6449 - Resource Management Errors vulnerability in Juniper Junos

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

juniper

CWE-399

nessus

NVD

Published: 2015-10-16

Updated: 2016-12-08

Summary

Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R5, and 14.2 before 14.2R1 do not properly handle TCP packet reassembly, which allows remote attackers to cause a denial of service (buffer consumption) via a crafted sequence of packets "destined to the device."

Vulnerable Configurations

Part	Description	Count
OS	Juniper Juniper Junos 12.1X44 Juniper Junos 12.1X46 Juniper Junos 12.1X47 Juniper Junos 12.3 Juniper Junos 12.3X48 Juniper Junos 13.2 Juniper Junos 13.3 Juniper Junos 14.1 Juniper Junos 14.2	54

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	Junos Local Security Checks
NASL id	JUNIPER_JSA10696.NASL
description	According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability due to improper TCP packet reassembly. An unauthenticated, remote attacker can exploit this, via a specially crafted sequence of fragmented packets, to consume all available buffers, resulting in a denial of service condition.
last seen	2020-06-01
modified	2020-06-02
plugin id	86475
published	2015-10-21
reporter	This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/86475
title	Juniper Junos Fragmented TCP Packet Sequence Handling DoS (JSA10696)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References