medium
5.9
CWE
20
Advisory Published
Updated

CVE-2018-0034: Junos OS: A malicious crafted IPv6 DHCP packet may cause the JDHCPD daemon to core

First published: Wed Jul 11 2018(Updated: )

A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for DHCP processing using the JDHCPD daemon. This issue does not affect IPv4 DHCP packet processing. Affected releases are Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S10 on EX Series; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200; 15.1X53 versions prior to 15.1X53-D471 on NFX 150, NFX 250; 16.1 versions prior to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.2 versions prior to 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S3, 17.4R2.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Junos OS Evolved=12.3
Junos OS Evolved=12.3-r1
Junos OS Evolved=12.3-r10
Junos OS Evolved=12.3-r11
Junos OS Evolved=12.3-r12
Junos OS Evolved=12.3-r2
Junos OS Evolved=12.3-r3
Junos OS Evolved=12.3-r4
Junos OS Evolved=12.3-r5
Junos OS Evolved=12.3-r6
Junos OS Evolved=12.3-r7
Junos OS Evolved=12.3-r8
Junos OS Evolved=12.3-r9
Juniper EX2200-C
Juniper EX2200
Juniper EX2200
Juniper EX3200
Juniper EX3300-VX
Juniper EX3300-VX
Juniper EX Series
Juniper EX4200
juniper ex4500-vc
Juniper EX4500
Juniper EX Series
Juniper EX4550
Juniper EX6200
Juniper EX Series
Juniper EX8200
Juniper EX9200
Junos OS Evolved=12.3x48
Junos OS Evolved=12.3x48-d10
Junos OS Evolved=12.3x48-d15
Junos OS Evolved=12.3x48-d20
Junos OS Evolved=12.3x48-d25
Junos OS Evolved=12.3x48-d30
Junos OS Evolved=12.3x48-d35
Junos OS Evolved=12.3x48-d40
Junos OS Evolved=12.3x48-d45
Junos OS Evolved=12.3x48-d50
Junos OS Evolved=12.3x48-d55
Junos OS Evolved=12.3x48-d60
Junos OS Evolved=12.3x48-d65
Juniper SRX100
Juniper SRX110
Juniper SRX1400
Juniper SRX210
Juniper SRX220
Juniper SRX240
Juniper SRX3400
Juniper SRX3600
Juniper SRX5400
Juniper SRX550
Juniper SRX5600
Juniper SRX5800
Juniper SRX650
Junos OS Evolved=14.1x53
Junos OS Evolved=14.1x53-d10
Junos OS Evolved=14.1x53-d15
Junos OS Evolved=14.1x53-d16
Junos OS Evolved=14.1x53-d20
Junos OS Evolved=14.1x53-d25
Junos OS Evolved=14.1x53-d26
Junos OS Evolved=14.1x53-d27
Junos OS Evolved=14.1x53-d30
Junos OS Evolved=14.1x53-d35
Junos OS Evolved=14.1x53-d40
Junos OS Evolved=14.1x53-d42
Junos OS Evolved=14.1x53-d43
Junos OS Evolved=14.1x53-d44
Junos OS Evolved=14.1x53-d45
Junos OS Evolved=14.1x53-d46
Juniper EX2200
Juniper EX3300
Juniper EX4300-24T
Juniper EX4550
Juniper EX4600
Juniper EX8200
Juniper Networks QFX-Series
Juniper QFX3600-I
Juniper QFX5100
Junos OS Evolved=14.1x53-d121
Junos OS Evolved=14.1x53-d47
Juniper QFX3000-G
Juniper QFX3000-M
Junos OS Evolved=15.1
Junos OS Evolved=15.1-f2
Junos OS Evolved=15.1-f3
Junos OS Evolved=15.1-f4
Junos OS Evolved=15.1-f5
Junos OS Evolved=15.1-r1
Junos OS Evolved=15.1-r2
Junos OS Evolved=15.1-r3
Junos OS Evolved=15.1-r4
Junos OS Evolved=15.1-r6-s6
Junos OS Evolved=15.1-r7
Junos OS Evolved=15.1x49
Junos OS Evolved=15.1x49-d10
Junos OS Evolved=15.1x49-d100
Junos OS Evolved=15.1x49-d110
Junos OS Evolved=15.1x49-d120
Junos OS Evolved=15.1x49-d130
Junos OS Evolved=15.1x49-d20
Junos OS Evolved=15.1x49-d30
Junos OS Evolved=15.1x49-d35
Junos OS Evolved=15.1x49-d40
Junos OS Evolved=15.1x49-d45
Junos OS Evolved=15.1x49-d50
Junos OS Evolved=15.1x49-d60
Junos OS Evolved=15.1x49-d65
Junos OS Evolved=15.1x49-d70
Junos OS Evolved=15.1x49-d75
Junos OS Evolved=15.1x49-d80
Junos OS Evolved=15.1x49-d90
Juniper SRX1500
Juniper SRX300
Juniper SRX320
Juniper SRX340
Juniper SRX345
Juniper SRX4100
Juniper SRX4200
Juniper SRX550
Junos OS Evolved=15.1x53
Junos OS Evolved=15.1x53-d10
Junos OS Evolved=15.1x53-d20
Junos OS Evolved=15.1x53-d21
Junos OS Evolved=15.1x53-d30
Junos OS Evolved=15.1x53-d32
Junos OS Evolved=15.1x53-d33
Junos OS Evolved=15.1x53-d34
Junos OS Evolved=15.1x53-d40
Junos OS Evolved=15.1x53-d45
Junos OS Evolved=15.1x53-d50
Junos OS Evolved=15.1x53-d51
Junos OS Evolved=15.1x53-d52
Junos OS Evolved=15.1x53-d55
Junos OS Evolved=15.1x53-d56
Junos OS Evolved=15.1x53-d57
Junos OS Evolved=15.1x53-d58
Junos OS Evolved=15.1x53-d59
Junos OS Evolved=15.1x53-d60
Junos OS Evolved=15.1x53-d61
Junos OS Evolved=15.1x53-d62
Junos OS Evolved=15.1x53-d63
Junos OS Evolved=15.1x53-d64
Junos OS Evolved=15.1x53-d65
Junos OS Evolved=15.1x53-d66
Juniper QFX10002-60C
Juniper Networks QFX-Series
Juniper Networks QFX-Series
Junos OS Evolved=15.1x53-d210
Junos OS Evolved=15.1x53-d230
Junos OS Evolved=15.1x53-d231
Junos OS Evolved=15.1x53-d232
Junos OS Evolved=15.1x53-d67
Juniper QFX5110
Juniper QFX5200-32C
Juniper NFX
Juniper NFX
Junos OS Evolved=16.1
Junos OS Evolved=16.1-r1
Junos OS Evolved=16.1-r2
Junos OS Evolved=16.1-r3
Junos OS Evolved=16.1-r4-s8
Junos OS Evolved=16.1-r5-s4
Junos OS Evolved=16.1-r6-s3
Junos OS Evolved=16.1-r7
Junos OS Evolved=16.2
Junos OS Evolved=16.2-r1
Junos OS Evolved=16.2-r2
Junos OS Evolved=16.2-r3
Junos OS Evolved=17.1
Junos OS Evolved=17.1-r1
Junos OS Evolved=17.1-r2-s7
Junos OS Evolved=17.1-r3
Junos OS Evolved=17.2
Junos OS Evolved=17.2-r1
Junos OS Evolved=17.2-r2-s4
Junos OS Evolved=17.2-r3
Junos OS Evolved=17.3
Junos OS Evolved=17.3-r1
Junos OS Evolved=17.3-r2-s2
Junos OS Evolved=17.3-r3
Junos OS Evolved=17.4
Junos OS Evolved=17.4-r1
Junos OS Evolved=17.4-r2

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS 12.3R12-S10, 12.3X48-D70, 14.1X53-D130*, 14.1X53-D47, 15.1R4-S9, 15.1R6-S6, 15.1R7, 15.1X49-D140, 15.1X53-D233, 15.1X53-D471, 15.1X53-D67, 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7, 16.2R2-S5, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S6, 17.2R2-S4, 17.2R3, 17.3R1-S4, 17.3R2-S2, 17.3R3, 17.4R1-S3, 17.4R2, 18.1R1, and all subsequent releases. *Pending Publication

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2018-0034?

    CVE-2018-0034 has been classified as a moderate severity Denial of Service vulnerability.

  • How do I fix CVE-2018-0034?

    To fix CVE-2018-0034, upgrade the Junos OS to a version that is not affected by this vulnerability.

  • What products are affected by CVE-2018-0034?

    CVE-2018-0034 affects specific versions of Junos OS, particularly those in the 12.3 series and select 14.x and 15.x versions.

  • Can CVE-2018-0034 be exploited remotely?

    Yes, CVE-2018-0034 can be exploited remotely by sending a crafted IPv6 packet.

  • Is there a workaround for CVE-2018-0034?

    There is no official workaround for CVE-2018-0034; upgrading to a patched version is recommended.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203