Vigil@nce - Juniper Junos: denial of service via SRX nsd
September 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send malicious DNS data to the nsd daemon of
Juniper Junos on SRX, in order to trigger a denial of service.
– Impacted products: JUNOS.
– Severity: 2/4.
– Creation date: 10/07/2015.
DESCRIPTION OF THE VULNERABILITY
The nsd daemon (Network Security Daemon) of Juniper Junos on SRX
performs the DNS resolution.
However, if a DNS server returns a malicious reply to SRX, the nsd
daemon stops.
An attacker can therefore send malicious DNS data to the nsd
daemon of Juniper Junos on SRX, in order to trigger a denial of
service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Juniper-Junos-denial-of-service-via-SRX-nsd-17346