TROYANOSYVIRUS
Back to CVEs

CVE-2018-0034

N/A

Description

A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for DHCP processing using the JDHCPD daemon. This issue does not affect IPv4 DHCP packet processing. Affected releases are Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S10 on EX Series; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200; 15.1X53 versions prior to 15.1X53-D471 on NFX 150, NFX 250; 16.1 versions prior to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.2 versions prior to 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S3, 17.4R2.

CVE Details

CVSS v3.1 ScoreN/A
Published7/11/2018
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0

Affected Products

juniper:ex2200juniper:ex2200-cjuniper:ex2200-vcjuniper:ex2200\/vcjuniper:ex3200juniper:ex3300juniper:ex3300-vcjuniper:ex3300\/vcjuniper:ex4200juniper:ex4200-vcjuniper:ex4300juniper:ex4500juniper:ex4500-vcjuniper:ex4550juniper:ex4550-vcjuniper:ex4550\/vcjuniper:ex4600juniper:ex6200juniper:ex8200juniper:ex8200-vcjuniper:ex8200\/vc_\(xre\)juniper:ex9200juniper:junosjuniper:nfx150juniper:nfx250juniper:qfx10002juniper:qfx10008juniper:qfx10016juniper:qfx3000-gjuniper:qfx3000-mjuniper:qfx3500juniper:qfx3600juniper:qfx5100juniper:qfx5110juniper:qfx5200juniper:srx100juniper:srx110juniper:srx1400juniper:srx1500juniper:srx210juniper:srx220juniper:srx240juniper:srx300juniper:srx320juniper:srx340juniper:srx3400juniper:srx345juniper:srx3600juniper:srx4100juniper:srx4200juniper:srx5400juniper:srx550juniper:srx550_hmjuniper:srx5600juniper:srx5800juniper:srx650

Weaknesses (CWE)

CWE-20

References

http://www.securitytracker.com/id/1041338(sirt@juniper.net)
https://apps.juniper.net/feature-explorer/search.html#q=dhcp(sirt@juniper.net)
https://kb.juniper.net/JSA10868(sirt@juniper.net)
http://www.securitytracker.com/id/1041338(af854a3a-2127-422b-91ae-364da2661108)
https://apps.juniper.net/feature-explorer/search.html#q=dhcp(af854a3a-2127-422b-91ae-364da2661108)
https://kb.juniper.net/JSA10868(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.