Improper input validation - CVE-2016-1275
Published: July 14, 2016 / Updated: November 22, 2018
Vulnerability identifier: #VU144
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-1275
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor:
Affected software:
Detailed vulnerability description
The vulnerability allows a remote attacker to cause denial of service conditions on the target system.
The vulnerability exists in Juniper Junos. A remote unauthenticated attacker can cause denial of service conditions by sending a flood of specially crafted Ethernet packets with and EtherType field of IPv6 (0x86DD) to vulnerable server.
Successful exploitation of this vulnerability may result in denial of service.
The vulnerability exists in Juniper Junos. A remote unauthenticated attacker can cause denial of service conditions by sending a flood of specially crafted Ethernet packets with and EtherType field of IPv6 (0x86DD) to vulnerable server.
Successful exploitation of this vulnerability may result in denial of service.
How to mitigate CVE-2016-1275
The vendor has issued a fix (13.3R9, 14.1R6-S1, 14.1R7, 14.2R1, 15.1R1, 15.1F2, 16.1R1).