CVSS: 7.5EPSS: 0%CPEs: 56EXPL: 0CVE-2019-0028 – Junos OS: RPD process crashes due to specific BGP peer restarts condition.
https://notcve.org/view.php?id=CVE-2019-0028
On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. By simulating a specific BGP session restart, an attacker can repeatedly crash the RPD process causing prolonged denial of service (DoS). Graceful restart helper mode for BGP is enabled by default. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7; 16.1X65 versions prior to 16.1X65-D48; 16.2 versions prior to 16.2R2-S8; 17.1 versions prior to 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.2X75 versions prior to 17.2X75-D92, 17.2X75-D102, 17.2X75-D110; 17.3 versions prior to 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 18.1 versions prior to 18.1R2. • http://www.securityfocus.com/bid/107892 https://kb.juniper.net/JSA10932 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0CVE-2019-0019 – BGP packets can trigger rpd crash when BGP tracing is enabled.
https://notcve.org/view.php?id=CVE-2019-0019
When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S4, 16.1R7-S5; 16.2 versions prior to 16.2R2-S9, 16.2R3; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3-S1; 17.3 versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4; 17.4 versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4; 18.2 versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect Junos releases prior to 16.1R1. Cuando la función de rastreo BGP (Border Gateway Protocol) está activada, un mensaje BGP entrante puede provocar que el proceso rpd (Routing Protocol Daemon) del Junos OS se cierre inesperadamente y se reinicie. • http://www.securityfocus.com/bid/107893 https://kb.juniper.net/JSA10931 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 9.8EPSS: 4%CPEs: 23EXPL: 0CVE-2019-0008 – QFX5000 Series, EX4300, EX4600: A stack buffer overflow vulnerability in Packet Forwarding Engine manager (FXPC) process
https://notcve.org/view.php?id=CVE-2019-0008
A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S2, 17.3R4; 17.4 versions prior to 17.4R2-S1, 17.4R3; 18.1 versions prior to 18.1R3-S1, 18.1R4; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R2. Una cierta secuencia de paquetes BGP o IPv6 BFD válidos puede desencadenar un desbordamiento de búfer basado en pila en Junos OS Packet Forwarding Engine manager (FXPC), en dispositivos de las series QFX5000, EX4300, EX4600. Este problema puede resultar en un fallo del demonio fxpc o puede llevar a la ejecución remota del código. • http://www.securityfocus.com/bid/107897 https://kb.juniper.net/JSA10930 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 147EXPL: 0CVE-2019-0012 – Junos OS: rpd crash on VPLS PE upon receipt of specific BGP message
https://notcve.org/view.php?id=CVE-2019-0012
A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. This issue only affects PE routers configured with BGP Auto discovery for LDP VPLS. Other BGP configurations are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D81; 12.3 versions prior to 12.3R12-S12; 12.3X48 versions prior to 12.3X48-D76; 14.1X53 versions prior to 14.1X53-D48; 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 15.1X53-D68; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S1; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R1-S5, 17.4R2; 18.1 versions prior to 18.1R2-S3, 18.1R3. • http://www.securityfocus.com/bid/106536 https://kb.juniper.net/JSA10912 •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2019-0002 – Junos OS: EX2300 and EX3400 series: Certain stateless firewall filter rules might not take effect
https://notcve.org/view.php?id=CVE-2019-0002
On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. This issue affect both IPv4 and IPv6 firewall filter. En las series EX2300 y EX3400, la configuración sin estado del filtro del firewall que emplea la acción "policer" junto con otras acciones podría no aplicarse. Cuando este problema ocurre, el resultado del comando show pfe filter hw summary no mostrará la entrada para: RACL group. • http://www.securityfocus.com/bid/106669 https://kb.juniper.net/JSA10901 https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/show-pfe-filter.html • CWE-794: Incomplete Filtering of Multiple Instances of Special Elements •