Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310106132
HistoryJul 14, 2016 - 12:00 a.m.

Juniper Networks Junos OS Kernel Crash With Crafted ICMP Packet Vulnerability

2016-07-1400:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
3

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON

Junos OS is prone to a kernel crash vulnerability.

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/o:juniper:junos";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.106132");
  script_version("2023-07-20T05:05:17+0000");
  script_tag(name:"last_modification", value:"2023-07-20 05:05:17 +0000 (Thu, 20 Jul 2023)");
  script_tag(name:"creation_date", value:"2016-07-14 10:16:23 +0700 (Thu, 14 Jul 2016)");
  script_tag(name:"cvss_base", value:"7.1");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2017-09-01 01:29:00 +0000 (Fri, 01 Sep 2017)");

  script_tag(name:"qod_type", value:"package");

  script_tag(name:"solution_type", value:"VendorFix");

  script_cve_id("CVE-2016-1277");

  script_name("Juniper Networks Junos OS Kernel Crash With Crafted ICMP Packet Vulnerability");

  script_category(ACT_GATHER_INFO);

  script_family("JunOS Local Security Checks");
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_dependencies("gb_juniper_junos_consolidation.nasl");
  script_mandatory_keys("juniper/junos/detected");

  script_tag(name:"summary", value:"Junos OS is prone to a kernel crash vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable OS build is present on the target host.");

  script_tag(name:"insight", value:"On Junos devices with a GRE or IPIP tunnel configured (i.e., devices
with a gr- or ip- interface), a specifically crafted ICMP packet can cause a kernel panic resulting in a
denial of service condition.

Knowledge of network specific information is required to craft such an ICMP packet. Receipt of such a packet
on any interface on the device can cause a crash.

Devices that do not have any gr- or ip- interfaces are unaffected by this issue.");

  script_tag(name:"impact", value:"An attacker may cause a kernel panic which leads to a denial of service
condition.");

  script_tag(name:"affected", value:"Junos OS 12.1, 12.3, 13.3, 14.1, 14.2 and 15.1");

  script_tag(name:"solution", value:"New builds of Junos OS software are available from Juniper.");

  script_xref(name:"URL", value:"http://kb.juniper.net/JSA10752");

  exit(0);
}

include("host_details.inc");
include("revisions-lib.inc");
include("version_func.inc");

if (!version = get_app_version(cpe: CPE, nofork: TRUE))
  exit(0);

if (revcomp(a: version, b: "12.1X46-D50") < 0) {
  report = report_fixed_ver(installed_version: version, fixed_version: "12.1X46-D50");
  security_message(port: 0, data: report);
  exit(0);
}

if (version =~ "^12") {
  if ((revcomp(a: version, b: "12.1X47-D40") < 0) &&
      (revcomp(a: version, b: "12.1X47") >= 0)) {
    report = report_fixed_ver(installed_version: version, fixed_version: "12.1X47-D40");
    security_message(port: 0, data: report);
    exit(0);
  }
  else if ((revcomp(a: version, b: "12.3X48-D30") < 0) &&
           (revcomp(a: version, b: "12.3X48") >= 0)) {
    report = report_fixed_ver(installed_version: version, fixed_version: "12.3X48-D30");
    security_message(port: 0, data: report);
    exit(0);
  }
}

if (version =~ "^13") {
  if (revcomp(a: version, b: "13.3R9") < 0) {
    report = report_fixed_ver(installed_version: version, fixed_version: "13.3R9");
    security_message(port: 0, data: report);
    exit(0);
  }
}

if (version =~ "^14") {
  if (revcomp(a: version, b: "14.1R8") < 0) {
    report = report_fixed_ver(installed_version: version, fixed_version: "14.1R8");
    security_message(port: 0, data: report);
    exit(0);
  }
  else if ((revcomp(a: version, b: "14.1X53-D40") < 0) &&
           (revcomp(a: version, b: "14.1X53") >= 0)) {
    report = report_fixed_ver(installed_version: version, fixed_version: "14.1X53-D40");
    security_message(port: 0, data: report);
    exit(0);
  }
  else if ((revcomp(a: version, b: "14.2R6") < 0) &&
           (revcomp(a: version, b: "14.2") >= 0)) {
    report = report_fixed_ver(installed_version: version, fixed_version: "14.2R6");
    security_message(port: 0, data: report);
    exit(0);
  }
}

if (version =~ "^15") {
  if (revcomp(a: version, b: "15.1F6") < 0) {
    report = report_fixed_ver(installed_version: version, fixed_version: "15.1F6");
    security_message(port: 0, data: report);
    exit(0);
  }
  else if ((revcomp(a: version, b: "15.1R3") < 0) &&
           (revcomp(a: version, b: "15.1R") >= 0)) {
    report = report_fixed_ver(installed_version: version, fixed_version: "15.1R3");
    security_message(port: 0, data: report);
    exit(0);
  }
  else if ((revcomp(a: version, b: "15.1X49-D40") < 0) &&
           (revcomp(a: version, b: "15.1X49") >= 0)) {
    report = report_fixed_ver(installed_version: version, fixed_version: "15.1X49-D40");
    security_message(port: 0, data: report);
    exit(0);
  }
}

exit(99);

Related

cvelist 1
nvd 1
prion 1
cve 1
nessus 1
threatpost 1
cvelist
cvelist
CVE-2016-1277
2016-09-09 14:00:00
nvd
nvd
CVE-2016-1277
2016-09-09 14:05:04
prion
prion
Input validation
2016-09-09 14:05:00
cve
cve
CVE-2016-1277
2016-09-09 14:05:04
nessus
nessus
Juniper Junos Crafted ICMP Packet DoS (JSA10752)
2016-07-22 00:00:00
threatpost
threatpost
Juniper Crypto Bug Let Attackers Eavesdrop on Router, Switch Traffic
2016-07-15 16:20:15

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON
Related for OPENVAS:1361412562310106132
cvelist1nvd1prion1cve1nessus1threatpost1