Main Vulnerability Database SB2018101024

SB2018101024 - Resource management error in Juniper Junos OS

Published: October 10, 2018 Updated: October 12, 2018

Security Bulletin ID SB2018101024

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2018-0045)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability is caused by improper resources management when the Junos OS device is configured for Draft-Rosen multicast virtual private network (MVPN). A remote attacker can repeatedly send the same specific Draft-Rosen MVPN control packet to the affected device and cause the routing protocol daemon (RPD) process to crash.

Remediation

Install update from vendor's website.

References

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10879&cat=SIRT_1&actp=LIST