Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-0002
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
MX series, SRX series: Junos OS: Denial of service vulnerability in Flowd on devices with ALG enabled.
Source: NVD (National Vulnerability Database)
Vulnerability Description
On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in an extended Denial of Service condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D60 on SRX series; 12.3X48 versions prior to 12.3X48-D35 on SRX series; 14.1 versions prior to 14.1R9 on MX series; 14.2 versions prior to 14.2R8 on MX series; 15.1X49 versions prior to 15.1X49-D60 on SRX series; 15.1 versions prior to 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 on MX series; 16.1 versions prior to 16.1R6 on MX series; 16.2 versions prior to 16.2R3 on MX series; 17.1 versions prior to 17.1R2-S4, 17.1R3 on MX series. No other Juniper Networks products or platforms are affected by this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Juniper SRX Series和MX Series Junos OS
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Juniper SRX Series和MX Series with Service PIC都是美国瞻博网络(Juniper Networks)公司的防火墙设备。Junos OS是运行在其中的一套操作系统。 带有Service PIC的Juniper SRX Series和MX Series设备中的Junos OS存在拒绝服务漏洞。当ALG被打开时,攻击者可借助特制的TCP/IP响应数据包利用该漏洞造成拒绝服务(内存损害和flowd守护进程崩溃)。以下版本受到影响:Juniper Junos OS 12.1
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Juniper NetworksJunos OS 12.1X46 ~ 12.1X46-D60 -
Juniper NetworksJunos OS 14.1 ~ 14.1R9 -
II. Public POCs for CVE-2018-0002
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2018-0002
Please Login to view more intelligence information
New Vulnerabilities
Product: Junos OS
Vendor: Juniper Networks
V. Comments for CVE-2018-0002

No comments yet

Leave a comment