漏洞类别:Hardware
漏洞等级: 
漏洞信息
Juniper JUNOS is the network operating system used in Juniper Networks hardware systems.
An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of the Service PC can result in an extended denial of service condition. The issue can be seen only if NAT or stateful-firewall rules are configured with ALGs enabled.
Affected Version
14.1X55 from 14.1X55-D30 to releases prior to 14.1X55-D35;
14.2R from 14.2R7 to releases prior to 14.2R7-S4, 14.2R8;
15.1R from 15.1R5 to releases prior to 15.1R5-S2, 15.1R6;
16.1R from 16.1R2 to releases prior to 16.1R3-S2, 16.1R4.
漏洞危害
Repeated crashes of the Service PC can result in an extended denial of service condition.
解决方案
The following software releases have been updated to resolve this specific issue: 14.1X55-D35, 14.2R7-S4, 14.2R8, 15.1R5-S2, 15.1R6, 16.1R3-S2, 16.1R4, and all subsequent releases.
Workaround:
No known workaround exists for this issue.
If NAT and stateful-firewall are not required, disabling them in the [edit applications] stanza will mitigate this issue.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论