Juniper Junos OS update for bind

1) Resource management error

EUVDB-ID: #VU28121

Risk: High

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-8616

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources with the applicatoin. In order for a server performing recursion to locate records in the DNS graph it must be capable of processing referrals, such as those received when it attempts to query an authoritative server for a record which is delegated elsewhere. A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral.

Mitigation

Install update from vendor's website.

Juniper Networks Junos OS on SRX Series:

• 15.1X49 versions prior to 15.1X49-D240;
• 17.4 versions prior to 17.4R3-S4;
• 18.1 versions prior to 18.1R3-S12;
• 18.2 versions prior to 18.2R2-S8, 18.2R3-S7;
• 18.3 versions prior to 18.3R3-S4;
• 18.4 versions prior to 18.4R2-S6, 18.4R3-S6;
• 19.1 versions prior to 19.1R2-S2, 19.1R3-S3;
• 19.2 versions prior to 19.2R3-S1;
• 19.3 versions prior to 19.3R2-S5, 19.3R3;
• 19.4 versions prior to 19.4R2-S2, 19.4R3;
• 20.1 versions prior to 20.1R2;
• 20.2 versions prior to 20.2R1-S2, 20.2R2.

Vulnerable software versions

Juniper Junos OS: 15.1X49 - 20.3

External links

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11090&cat=SIRT_1&actp=LIST

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.