Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S2, 13.1X49 before D49, 13.1X50 before 30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D25, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when supporting 4-byte AS numbers and a BGP peer does not, allows remote attackers to cause a denial of service (memory corruption and RDP routing process crash and restart) via crafted transitive attributes in a BGP UPDATE.
References
Link | Resource |
---|---|
http://www.securitytracker.com/id/1031009 | |
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10653 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2014-10-14 14:55
Updated : 2024-02-04 18:35
NVD link : CVE-2014-3818
Mitre link : CVE-2014-3818
CVE.ORG link : CVE-2014-3818
JSON object : View
Products Affected
juniper
- junos
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer