Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Published: 2015-07-16
Updated: 2015-07-22
Summary
IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before 12.1X46-D36, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.2 before 14.2R3, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D20, when the "set protocols neighbor-discovery secure security-level default" option is configured, allows remote attackers to cause a denial of service (CPU consumption) via a crafted Secure Neighbor Discovery (SEND) Protocol packet.
Vulnerable Configurations
Part | Description | Count |
OS | Juniper | 57 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Junos Local Security Checks |
NASL id | JUNIPER_JSA10688.NASL |
description | According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability in sendd due to improper handling of IPv6 Secure Neighbor Discovery (SEND) Protocol packets when the Secure Neighbor Discovery feature is configured. A remote attacker, using a crafted SEND packet, can exploit this to cause excessive consumption of CPU resources, resulting in an impact on CLI responsiveness and the processing of IPv6 packets via link-local addresses. |
last seen | 2019-10-28 |
modified | 2015-08-04 |
plugin id | 85228 |
published | 2015-08-04 |
reporter | This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/85228 |
title | Juniper Junos IPv6 sendd DoS (JSA10688) |