CVE-2018-0034: Junos OS: A malicious crafted IPv6 DHCP packet may cause the JDHCPD daemon to core
First published: Wed Jul 11 2018(Updated: )
A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for DHCP processing using the JDHCPD daemon. This issue does not affect IPv4 DHCP packet processing. Affected releases are Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S10 on EX Series; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200; 15.1X53 versions prior to 15.1X53-D471 on NFX 150, NFX 250; 16.1 versions prior to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.2 versions prior to 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S3, 17.4R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =12.3 | |
| Juniper JUNOS | =12.3-r1 | |
| Juniper JUNOS | =12.3-r10 | |
| Juniper JUNOS | =12.3-r11 | |
| Juniper JUNOS | =12.3-r12 | |
| Juniper JUNOS | =12.3-r2 | |
| Juniper JUNOS | =12.3-r3 | |
| Juniper JUNOS | =12.3-r4 | |
| Juniper JUNOS | =12.3-r5 | |
| Juniper JUNOS | =12.3-r6 | |
| Juniper JUNOS | =12.3-r7 | |
| Juniper JUNOS | =12.3-r8 | |
| Juniper JUNOS | =12.3-r9 | |
| Juniper Ex2200 | ||
| Juniper Ex2200-c | ||
| Juniper Ex2200-vc | ||
| Juniper Ex3200 | ||
| Juniper Ex3300 | ||
| Juniper Ex3300-vc | ||
| Juniper Ex4200 | ||
| Juniper Ex4200-vc | ||
| Juniper Ex4500 | ||
| Juniper Ex4500-vc | ||
| Juniper Ex4550 | ||
| Juniper Ex4550-vc | ||
| Juniper Ex6200 | ||
| Juniper Ex8200 | ||
| Juniper Ex8200-vc | ||
| Juniper Ex9200 | ||
| Juniper JUNOS | =12.3x48 | |
| Juniper JUNOS | =12.3x48-d10 | |
| Juniper JUNOS | =12.3x48-d15 | |
| Juniper JUNOS | =12.3x48-d20 | |
| Juniper JUNOS | =12.3x48-d25 | |
| Juniper JUNOS | =12.3x48-d30 | |
| Juniper JUNOS | =12.3x48-d35 | |
| Juniper JUNOS | =12.3x48-d40 | |
| Juniper JUNOS | =12.3x48-d45 | |
| Juniper JUNOS | =12.3x48-d50 | |
| Juniper JUNOS | =12.3x48-d55 | |
| Juniper JUNOS | =12.3x48-d60 | |
| Juniper JUNOS | =12.3x48-d65 | |
| Juniper Srx100 | ||
| Juniper Srx110 | ||
| Juniper Srx1400 | ||
| Juniper Srx210 | ||
| Juniper Srx220 | ||
| Juniper Srx240 | ||
| Juniper Srx3400 | ||
| Juniper Srx3600 | ||
| Juniper Srx5400 | ||
| Juniper Srx550 | ||
| Juniper Srx5600 | ||
| Juniper Srx5800 | ||
| Juniper Srx650 | ||
| Juniper JUNOS | =14.1x53 | |
| Juniper JUNOS | =14.1x53-d10 | |
| Juniper JUNOS | =14.1x53-d15 | |
| Juniper JUNOS | =14.1x53-d16 | |
| Juniper JUNOS | =14.1x53-d20 | |
| Juniper JUNOS | =14.1x53-d25 | |
| Juniper JUNOS | =14.1x53-d26 | |
| Juniper JUNOS | =14.1x53-d27 | |
| Juniper JUNOS | =14.1x53-d30 | |
| Juniper JUNOS | =14.1x53-d35 | |
| Juniper JUNOS | =14.1x53-d40 | |
| Juniper JUNOS | =14.1x53-d42 | |
| Juniper JUNOS | =14.1x53-d43 | |
| Juniper JUNOS | =14.1x53-d44 | |
| Juniper JUNOS | =14.1x53-d45 | |
| Juniper JUNOS | =14.1x53-d46 | |
| Juniper Ex2200\/vc | ||
| Juniper Ex3300\/vc | ||
| Juniper Ex4300 | ||
| Juniper Ex4550\/vc | ||
| Juniper EX4600 | ||
| Juniper Ex8200\/vc \(xre\) | ||
| Juniper Qfx3500 | ||
| Juniper Qfx3600 | ||
| Juniper Qfx5100 | ||
| Juniper JUNOS | =14.1x53-d121 | |
| Juniper JUNOS | =14.1x53-d47 | |
| Juniper Qfx3000-g | ||
| Juniper Qfx3000-m | ||
| Juniper JUNOS | =15.1 | |
| Juniper JUNOS | =15.1-f2 | |
| Juniper JUNOS | =15.1-f3 | |
| Juniper JUNOS | =15.1-f4 | |
| Juniper JUNOS | =15.1-f5 | |
| Juniper JUNOS | =15.1-r1 | |
| Juniper JUNOS | =15.1-r2 | |
| Juniper JUNOS | =15.1-r3 | |
| Juniper JUNOS | =15.1-r4 | |
| Juniper JUNOS | =15.1-r6-s6 | |
| Juniper JUNOS | =15.1-r7 | |
| Juniper JUNOS | =15.1x49 | |
| Juniper JUNOS | =15.1x49-d10 | |
| Juniper JUNOS | =15.1x49-d100 | |
| Juniper JUNOS | =15.1x49-d110 | |
| Juniper JUNOS | =15.1x49-d120 | |
| Juniper JUNOS | =15.1x49-d130 | |
| Juniper JUNOS | =15.1x49-d20 | |
| Juniper JUNOS | =15.1x49-d30 | |
| Juniper JUNOS | =15.1x49-d35 | |
| Juniper JUNOS | =15.1x49-d40 | |
| Juniper JUNOS | =15.1x49-d45 | |
| Juniper JUNOS | =15.1x49-d50 | |
| Juniper JUNOS | =15.1x49-d60 | |
| Juniper JUNOS | =15.1x49-d65 | |
| Juniper JUNOS | =15.1x49-d70 | |
| Juniper JUNOS | =15.1x49-d75 | |
| Juniper JUNOS | =15.1x49-d80 | |
| Juniper JUNOS | =15.1x49-d90 | |
| Juniper Srx1500 | ||
| Juniper Srx300 | ||
| Juniper Srx320 | ||
| Juniper Srx340 | ||
| Juniper Srx345 | ||
| Juniper Srx4100 | ||
| Juniper Srx4200 | ||
| Juniper Srx550 Hm | ||
| Juniper JUNOS | =15.1x53 | |
| Juniper JUNOS | =15.1x53-d10 | |
| Juniper JUNOS | =15.1x53-d20 | |
| Juniper JUNOS | =15.1x53-d21 | |
| Juniper JUNOS | =15.1x53-d30 | |
| Juniper JUNOS | =15.1x53-d32 | |
| Juniper JUNOS | =15.1x53-d33 | |
| Juniper JUNOS | =15.1x53-d34 | |
| Juniper JUNOS | =15.1x53-d40 | |
| Juniper JUNOS | =15.1x53-d45 | |
| Juniper JUNOS | =15.1x53-d50 | |
| Juniper JUNOS | =15.1x53-d51 | |
| Juniper JUNOS | =15.1x53-d52 | |
| Juniper JUNOS | =15.1x53-d55 | |
| Juniper JUNOS | =15.1x53-d56 | |
| Juniper JUNOS | =15.1x53-d57 | |
| Juniper JUNOS | =15.1x53-d58 | |
| Juniper JUNOS | =15.1x53-d59 | |
| Juniper JUNOS | =15.1x53-d60 | |
| Juniper JUNOS | =15.1x53-d61 | |
| Juniper JUNOS | =15.1x53-d62 | |
| Juniper JUNOS | =15.1x53-d63 | |
| Juniper JUNOS | =15.1x53-d64 | |
| Juniper JUNOS | =15.1x53-d65 | |
| Juniper JUNOS | =15.1x53-d66 | |
| Juniper Qfx10002 | ||
| Juniper Qfx10008 | ||
| Juniper Qfx10016 | ||
| Juniper JUNOS | =15.1x53-d210 | |
| Juniper JUNOS | =15.1x53-d230 | |
| Juniper JUNOS | =15.1x53-d231 | |
| Juniper JUNOS | =15.1x53-d232 | |
| Juniper JUNOS | =15.1x53-d67 | |
| Juniper Qfx5110 | ||
| Juniper Qfx5200 | ||
| Juniper Nfx150 | ||
| Juniper Nfx250 | ||
| Juniper JUNOS | =16.1 | |
| Juniper JUNOS | =16.1-r1 | |
| Juniper JUNOS | =16.1-r2 | |
| Juniper JUNOS | =16.1-r3 | |
| Juniper JUNOS | =16.1-r4-s8 | |
| Juniper JUNOS | =16.1-r5-s4 | |
| Juniper JUNOS | =16.1-r6-s3 | |
| Juniper JUNOS | =16.1-r7 | |
| Juniper JUNOS | =16.2 | |
| Juniper JUNOS | =16.2-r1 | |
| Juniper JUNOS | =16.2-r2 | |
| Juniper JUNOS | =16.2-r3 | |
| Juniper JUNOS | =17.1 | |
| Juniper JUNOS | =17.1-r1 | |
| Juniper JUNOS | =17.1-r2-s7 | |
| Juniper JUNOS | =17.1-r3 | |
| Juniper JUNOS | =17.2 | |
| Juniper JUNOS | =17.2-r1 | |
| Juniper JUNOS | =17.2-r2-s4 | |
| Juniper JUNOS | =17.2-r3 | |
| Juniper JUNOS | =17.3 | |
| Juniper JUNOS | =17.3-r1 | |
| Juniper JUNOS | =17.3-r2-s2 | |
| Juniper JUNOS | =17.3-r3 | |
| Juniper JUNOS | =17.4 | |
| Juniper JUNOS | =17.4-r1 | |
| Juniper JUNOS | =17.4-r2 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS 12.3R12-S10, 12.3X48-D70, 14.1X53-D130*, 14.1X53-D47, 15.1R4-S9, 15.1R6-S6, 15.1R7, 15.1X49-D140, 15.1X53-D233, 15.1X53-D471, 15.1X53-D67, 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7, 16.2R2-S5, 16.2R3, 17.1R1-S7, 17.1R2-S7, 17.1R3, 17.2R1-S6, 17.2R2-S4, 17.2R3, 17.3R1-S4, 17.3R2-S2, 17.3R3, 17.4R1-S3, 17.4R2, 18.1R1, and all subsequent releases. *Pending Publication
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/title
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/12.3
- version/juniper junos/12.3-r1
- version/juniper junos/12.3-r10
- version/juniper junos/12.3-r11
- version/juniper junos/12.3-r12
- version/juniper junos/12.3-r2
- version/juniper junos/12.3-r3
- version/juniper junos/12.3-r4
- version/juniper junos/12.3-r5
- version/juniper junos/12.3-r6
- version/juniper junos/12.3-r7
- version/juniper junos/12.3-r8
- version/juniper junos/12.3-r9
- canonical/juniper ex2200
- canonical/juniper ex2200-c
- canonical/juniper ex2200-vc
- canonical/juniper ex3200
- canonical/juniper ex3300
- canonical/juniper ex3300-vc
- canonical/juniper ex4200
- canonical/juniper ex4200-vc
- canonical/juniper ex4500
- canonical/juniper ex4500-vc
- canonical/juniper ex4550
- canonical/juniper ex4550-vc
- canonical/juniper ex6200
- canonical/juniper ex8200
- canonical/juniper ex8200-vc
- canonical/juniper ex9200
- version/juniper junos/12.3x48
- version/juniper junos/12.3x48-d10
- version/juniper junos/12.3x48-d15
- version/juniper junos/12.3x48-d20
- version/juniper junos/12.3x48-d25
- version/juniper junos/12.3x48-d30
- version/juniper junos/12.3x48-d35
- version/juniper junos/12.3x48-d40
- version/juniper junos/12.3x48-d45
- version/juniper junos/12.3x48-d50
- version/juniper junos/12.3x48-d55
- version/juniper junos/12.3x48-d60
- version/juniper junos/12.3x48-d65
- canonical/juniper srx100
- canonical/juniper srx110
- canonical/juniper srx1400
- canonical/juniper srx210
- canonical/juniper srx220
- canonical/juniper srx240
- canonical/juniper srx3400
- canonical/juniper srx3600
- canonical/juniper srx5400
- canonical/juniper srx550
- canonical/juniper srx5600
- canonical/juniper srx5800
- canonical/juniper srx650
- version/juniper junos/14.1x53
- version/juniper junos/14.1x53-d10
- version/juniper junos/14.1x53-d15
- version/juniper junos/14.1x53-d16
- version/juniper junos/14.1x53-d20
- version/juniper junos/14.1x53-d25
- version/juniper junos/14.1x53-d26
- version/juniper junos/14.1x53-d27
- version/juniper junos/14.1x53-d30
- version/juniper junos/14.1x53-d35
- version/juniper junos/14.1x53-d40
- version/juniper junos/14.1x53-d42
- version/juniper junos/14.1x53-d43
- version/juniper junos/14.1x53-d44
- version/juniper junos/14.1x53-d45
- version/juniper junos/14.1x53-d46
- canonical/juniper ex2200\/vc
- canonical/juniper ex3300\/vc
- canonical/juniper ex4300
- canonical/juniper ex4550\/vc
- canonical/juniper ex4600
- canonical/juniper ex8200\/vc \(xre\)
- canonical/juniper qfx3500
- canonical/juniper qfx3600
- canonical/juniper qfx5100
- version/juniper junos/14.1x53-d121
- version/juniper junos/14.1x53-d47
- canonical/juniper qfx3000-g
- canonical/juniper qfx3000-m
- version/juniper junos/15.1
- version/juniper junos/15.1-f2
- version/juniper junos/15.1-f3
- version/juniper junos/15.1-f4
- version/juniper junos/15.1-f5
- version/juniper junos/15.1-r1
- version/juniper junos/15.1-r2
- version/juniper junos/15.1-r3
- version/juniper junos/15.1-r4
- version/juniper junos/15.1-r6-s6
- version/juniper junos/15.1-r7
- version/juniper junos/15.1x49
- version/juniper junos/15.1x49-d10
- version/juniper junos/15.1x49-d100
- version/juniper junos/15.1x49-d110
- version/juniper junos/15.1x49-d120
- version/juniper junos/15.1x49-d130
- version/juniper junos/15.1x49-d20
- version/juniper junos/15.1x49-d30
- version/juniper junos/15.1x49-d35
- version/juniper junos/15.1x49-d40
- version/juniper junos/15.1x49-d45
- version/juniper junos/15.1x49-d50
- version/juniper junos/15.1x49-d60
- version/juniper junos/15.1x49-d65
- version/juniper junos/15.1x49-d70
- version/juniper junos/15.1x49-d75
- version/juniper junos/15.1x49-d80
- version/juniper junos/15.1x49-d90
- canonical/juniper srx1500
- canonical/juniper srx300
- canonical/juniper srx320
- canonical/juniper srx340
- canonical/juniper srx345
- canonical/juniper srx4100
- canonical/juniper srx4200
- canonical/juniper srx550 hm
- version/juniper junos/15.1x53
- version/juniper junos/15.1x53-d10
- version/juniper junos/15.1x53-d20
- version/juniper junos/15.1x53-d21
- version/juniper junos/15.1x53-d30
- version/juniper junos/15.1x53-d32
- version/juniper junos/15.1x53-d33
- version/juniper junos/15.1x53-d34
- version/juniper junos/15.1x53-d40
- version/juniper junos/15.1x53-d45
- version/juniper junos/15.1x53-d50
- version/juniper junos/15.1x53-d51
- version/juniper junos/15.1x53-d52
- version/juniper junos/15.1x53-d55
- version/juniper junos/15.1x53-d56
- version/juniper junos/15.1x53-d57
- version/juniper junos/15.1x53-d58
- version/juniper junos/15.1x53-d59
- version/juniper junos/15.1x53-d60
- version/juniper junos/15.1x53-d61
- version/juniper junos/15.1x53-d62
- version/juniper junos/15.1x53-d63
- version/juniper junos/15.1x53-d64
- version/juniper junos/15.1x53-d65
- version/juniper junos/15.1x53-d66
- canonical/juniper qfx10002
- canonical/juniper qfx10008
- canonical/juniper qfx10016
- version/juniper junos/15.1x53-d210
- version/juniper junos/15.1x53-d230
- version/juniper junos/15.1x53-d231
- version/juniper junos/15.1x53-d232
- version/juniper junos/15.1x53-d67
- canonical/juniper qfx5110
- canonical/juniper qfx5200
- canonical/juniper nfx150
- canonical/juniper nfx250
- version/juniper junos/16.1
- version/juniper junos/16.1-r1
- version/juniper junos/16.1-r2
- version/juniper junos/16.1-r3
- version/juniper junos/16.1-r4-s8
- version/juniper junos/16.1-r5-s4
- version/juniper junos/16.1-r6-s3
- version/juniper junos/16.1-r7
- version/juniper junos/16.2
- version/juniper junos/16.2-r1
- version/juniper junos/16.2-r2
- version/juniper junos/16.2-r3
- version/juniper junos/17.1
- version/juniper junos/17.1-r1
- version/juniper junos/17.1-r2-s7
- version/juniper junos/17.1-r3
- version/juniper junos/17.2
- version/juniper junos/17.2-r1
- version/juniper junos/17.2-r2-s4
- version/juniper junos/17.2-r3
- version/juniper junos/17.3
- version/juniper junos/17.3-r1
- version/juniper junos/17.3-r2-s2
- version/juniper junos/17.3-r3
- version/juniper junos/17.4
- version/juniper junos/17.4-r1
- version/juniper junos/17.4-r2