Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received
Description
A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R1-S1, 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1 on SRX Series.
Affected products
220.4 < 20.4R3-S5, 21.1 < 21.1R3-S4, 21.2 < 21.2R3-S2, 21.3 < 21.3R3-S1, 21.4 < 21.4R3, 22.1 < 22.1R1-S2,22.1R2, 22.2 < 22.2R1-S1,22.2R2+ 1 more
- (no CPE)range: 20.4 < 20.4R3-S5, 21.1 < 21.1R3-S4, 21.2 < 21.2R3-S2, 21.3 < 21.3R3-S1, 21.4 < 21.4R3, 22.1 < 22.1R1-S2,22.1R2, 22.2 < 22.2R1-S1,22.2R2
- (no CPE)range: 20.4
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.