Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2018 Tenable Network Security, Inc.JUNIPER_JSA10811.NASL
HistoryOct 20, 2017 - 12:00 a.m.

Juniper Junos SRX Flowd Crash Vulnerability (JSA10811)

2017-10-2000:00:00
This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
www.tenable.com
56

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.3%

JSON

According to its self-reported version number, the remote Junos device is affected by a vulnerability where one or more ALGs enabled may cause a flowd crash when traffic is processed by the Sun/MS-RPC ALGs.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(104033);
  script_version("1.4");
  script_cvs_date("Date: 2018/07/12 19:01:16");

  script_cve_id("CVE-2017-10608");
  script_xref(name:"JSA", value:"JSA10811");

  script_name(english:"Juniper Junos SRX Flowd Crash Vulnerability (JSA10811)");
  script_summary(english:"Checks the Junos version and build date.");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the remote Junos device
is affected by a vulnerability where one or more ALGs enabled may 
cause a flowd crash when traffic is processed by the Sun/MS-RPC ALGs.");
  # https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10811&actp=METADATA
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?19d29f37");
  script_set_attribute(attribute:"solution", value:
"Apply the relevant Junos software release or workarounds referenced in
Juniper advisory JSA10811.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/10/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/20");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:junos");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Junos Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.");

  script_dependencies("junos_version.nasl");
  script_require_keys("Host/Juniper/JUNOS/Version", "Host/Juniper/model", "Settings/ParanoidReport");

  exit(0);
}

include("audit.inc");
include("junos_kb_cmd_func.inc");
include("global_settings.inc");

# Since we're unable to check the config we're making this paranoid
if (report_paranoia < 2) audit(AUDIT_PARANOID);

ver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');
model = get_kb_item_or_exit('Host/Juniper/model');

if (model !~ "^SRX")
  audit(AUDIT_HOST_NOT, 'a SRX device');

# 12.1X46 prior to 12.1X46-D55 
# 12.1X47 prior to 12.1X47-D45 
# 12.3X48 prior to 12.3X48-D32 or 12.3X48-D35 
# 15.1X49 prior to 15.1X49-D60
fixes = make_array();
fixes['12.1X46']        = '12.1X46-D55';
fixes['12.1X47']        = '12.1X47-D45';
fixes['12.3X48']        = '12.3X48-D32';
fixes['15.1X49']        = '15.1X49-D60';

fix = check_junos(ver:ver, fixes:fixes, exit_on_fail:TRUE);

override = FALSE;

junos_report(ver:ver, fix:fix, override:override, severity:SECURITY_HOLE);

Related

nvd 1
cve 1
prion 1
cvelist 1
nvd
nvd
CVE-2017-10608
2017-10-13 17:29:00
cve
cve
CVE-2017-10608
2017-10-13 17:29:00
prion
prion
Design/Logic Flaw
2017-10-13 17:29:00
cvelist
cvelist
CVE-2017-10608 SRX series: Junos OS: SRX series using IPv6 Sun/MS-RPC ALGs may experience flowd crash on processing packets.
2017-10-13 17:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.3%

JSON
Related for JUNIPER_JSA10811.NASL
nvd1cve1prion1cvelist1