Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6385

Overview

Vulnerability Score 6.1 6.1
CVE Id CVE-2014-6385
Last Modified 26 Jan 2015 02:37:47
Published 16 Jan 2015 11:59:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-6385

Summary

Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R2, and 14.2 before 14.2R1 allows remote attackers to cause a denial of service (kernel crash and restart) via a crafted fragmented OSPFv3 packet with an IPsec Authentication Header (AH).

Vulnerable Systems

Operating System

  • Juniper Junos 11.4

  • Juniper Junos 12.1x44

  • Juniper Junos 12.1x46

  • Juniper Junos 12.1x47

  • Juniper Junos 12.2

  • Juniper Junos 12.3

  • Juniper Junos 13.1

  • Juniper Junos 13.2

  • Juniper Junos 13.3

  • Juniper Junos 14.1

  • Juniper Junos 14.2


References

CONFIRM - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10668

BID - 72072


Last Updated: 27 May 2016 11:07:38