Detections
Analytics

Juniper JUNOSe IPv6 Packet Handling Line Card Reset Remote DoS (JSA10767) (deprecated)

high Nessus Plugin ID 94678

Language:

Synopsis

This plugin has been deprecated.

Description

According to its version, the remote Juniper E-eries device is affected by a denial of service vulnerability in the IPv6 support component due to improper handling IPv6 packets. An unauthenticated, remote attacker can exploit this, via a specially crafted IPv6 packet, to cause the line card to reset.

Note that devices with IPv6 disabled are not affected.

This plugin has been deprecated. Juniper ERX devices reached End of Support Life on October 26, 2018.

See Also

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10767

https://support.juniper.net/support/eol/software/junose/

Plugin Details

Severity: High

ID: 94678

File Name: juniper_jsa10767.nasl

Version: 1.7

Type: local

Family: Misc.

Published: 11/10/2016

Updated: 9/5/2023

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2016-4925

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:junose

Required KB Items: Settings/ParanoidReport, Host/JunosE/version

Exploit Ease: No known exploits are available

Patch Publication Date: 10/12/2016

Vulnerability Publication Date: 10/12/2016

Reference Information

CVE: CVE-2016-4925

BID: 93533

JSA: JSA10767