CVE-2018-0002— Juniper SRX Series和MX Series Junos OS

MX series, SRX series: Junos OS: Denial of service vulnerability in Flowd on devices with ALG enabled.

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in an extended Denial of Service condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D60 on SRX series; 12.3X48 versions prior to 12.3X48-D35 on SRX series; 14.1 versions prior to 14.1R9 on MX series; 14.2 versions prior to 14.2R8 on MX series; 15.1X49 versions prior to 15.1X49-D60 on SRX series; 15.1 versions prior to 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 on MX series; 16.1 versions prior to 16.1R6 on MX series; 16.2 versions prior to 16.2R3 on MX series; 17.1 versions prior to 17.1R2-S4, 17.1R3 on MX series. No other Juniper Networks products or platforms are affected by this issue.

N/A

N/A

Juniper SRX Series和MX Series Junos OS

Juniper SRX Series和MX Series with Service PIC都是美国瞻博网络（Juniper Networks）公司的防火墙设备。Junos OS是运行在其中的一套操作系统。 带有Service PIC的Juniper SRX Series和MX Series设备中的Junos OS存在拒绝服务漏洞。当ALG被打开时，攻击者可借助特制的TCP/IP响应数据包利用该漏洞造成拒绝服务（内存损害和flowd守护进程崩溃）。以下版本受到影响：Juniper Junos OS 12.1

N/A

N/A