CVE-2021-0276: Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured.
First published: Wed Jul 14 2021(Updated: )
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Steel-Belted Radius Carrier | =8.4.1 | |
| Juniper Steel-Belted Radius Carrier | =8.4.1-r13 | |
| Juniper Steel-Belted Radius Carrier | =8.5.0 | |
| Juniper Steel-Belted Radius Carrier | =8.5.0-r4 | |
| Juniper Steel-Belted Radius Carrier | =8.6.0 |
Remedy
The following software releases have been updated to resolve this specific issue: 8.4.1R19, 8.5.0R10, 8.6.0R4 and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-0276?
CVE-2021-0276 is considered a critical vulnerability that can lead to a Denial of Service (DoS).
Who is affected by CVE-2021-0276?
CVE-2021-0276 affects Juniper Networks SBR Carrier versions 8.4.1, 8.4.1-r13, 8.5.0, 8.5.0-r4, and 8.6.0 with EAP authentication configured.
How do I fix CVE-2021-0276?
To fix CVE-2021-0276, upgrade to the latest version of Juniper Networks SBR Carrier that addresses this vulnerability.
What kind of attack does CVE-2021-0276 facilitate?
CVE-2021-0276 facilitates a stack-based buffer overflow attack that can crash the radius daemon.
What are the consequences of exploiting CVE-2021-0276?
Exploiting CVE-2021-0276 can result in a Denial of Service (DoS), affecting the availability of the radius daemon.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/juniper steel-belted radius carrier
- version/juniper steel-belted radius carrier/8.4.1
- version/juniper steel-belted radius carrier/8.4.1-r13
- version/juniper steel-belted radius carrier/8.5.0
- version/juniper steel-belted radius carrier/8.5.0-r4
- version/juniper steel-belted radius carrier/8.6.0