CVE-2014-0616: Race Condition
First published: Tue Jan 14 2014(Updated: )
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R4-S2, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows remote attackers to cause a denial of service (rdp crash) via a large BGP UPDATE message which immediately triggers a withdraw message to be sent, as demonstrated by a long AS_PATH and a large number of BGP Communities.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =10.4 | |
| Juniper JUNOS | =11.4 | |
| Juniper JUNOS | =12.1r | |
| Juniper JUNOS | =12.1x44 | |
| Juniper JUNOS | =12.1x45 | |
| Juniper JUNOS | =12.1x46 | |
| Juniper JUNOS | =12.2 | |
| Juniper JUNOS | =12.3 | |
| Juniper JUNOS | =13.1 | |
| Juniper JUNOS | =13.2 | |
| Juniper JUNOS | =13.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/10.4
- version/juniper junos/11.4
- version/juniper junos/12.1r
- version/juniper junos/12.1x44
- version/juniper junos/12.1x45
- version/juniper junos/12.1x46
- version/juniper junos/12.2
- version/juniper junos/12.3
- version/juniper junos/13.1
- version/juniper junos/13.2
- version/juniper junos/13.3