Juniper Networks Junos OS QFX Series: PFE DoS Vulnerability (JSA10747)

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/o:juniper:junos";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.106071");
  script_version("2023-07-20T05:05:17+0000");
  script_tag(name:"last_modification", value:"2023-07-20 05:05:17 +0000 (Thu, 20 Jul 2023)");
  script_tag(name:"creation_date", value:"2016-05-07 00:09:38 +0200 (Sat, 07 May 2016)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2016-04-20 21:31:00 +0000 (Wed, 20 Apr 2016)");

  script_tag(name:"qod_type", value:"package");

  script_tag(name:"solution_type", value:"VendorFix");

  script_cve_id("CVE-2016-1274");

  script_name("Juniper Networks Junos OS QFX Series: PFE DoS Vulnerability (JSA10747)");

  script_category(ACT_GATHER_INFO);

  script_family("JunOS Local Security Checks");
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_dependencies("gb_juniper_junos_consolidation.nasl");
  script_mandatory_keys("juniper/junos/detected", "juniper/junos/model");

  script_tag(name:"summary", value:"Junos OS on QFX series is prone to a denial of service (DoS)
  vulnerability in PFE.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable OS build is present on the target host.");

  script_tag(name:"insight", value:"A vulnerability in handling high rate of certain VXLAN packets
  may result in a PFE panic causing a denial of service condition. This issue can occur only when
  ping or traceroute command with overlay option is being run on the device.

  This issue only affects the QFX series devices with Junos 14.1X53 prior to 14.1X53-D30.
  QFX 10k series devices are not affected.");

  script_tag(name:"impact", value:"An attacker may cause a PFE panic which leads to a denial of
  service condition.");

  script_tag(name:"affected", value:"Junos OS 14.1.");

  script_tag(name:"solution", value:"New builds of Junos OS software are available from Juniper.

  As a workaround disable VXLAN or block VXLAN packets.");

  script_xref(name:"URL", value:"http://kb.juniper.net/JSA10747");

  exit(0);
}

include("host_details.inc");
include("revisions-lib.inc");
include("version_func.inc");

model = get_kb_item("juniper/junos/model");
if (!model || model !~ "^QFX(35|36|51|52)00")
  exit(99);

if (!version = get_app_version(cpe: CPE, nofork: TRUE))
  exit(0);

if ((revcomp(a: version, b: "14.1X53-D30") < 0) &&
    (revcomp(a: version, b: "14.1X53") >= 0)) {
  report = report_fixed_ver(installed_version: version, fixed_version: "14.1X53-D30");
  security_message(port: 0, data: report);
  exit(0);
}

exit(99);