Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Vulnerabilities in ISC's DHCPD (CERT/CC #317350 and #654390)

0

0

Article ID: JSA10335 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 2.0
Legacy Advisory Id:
PSN-2004-06-004
Product Affected:
All Juniper Networks routing platforms and integrated firewall/IPSec VPN appliances
Problem:
Several vulnerabilities have been found in the Internet Software Consortium's (ISC) distribution of the Distributed Host Configuration Protocol daemon (dhcpd). These vulnerabilities might permit an attacker to execute arbitrary code with the privileges of dhcpd (typically run as root); however, no working exploit is known to exist. These vulnerabilities are described in more detail in CERT/CC Vulnerability Notes #317350 and #654390.
Solution:
Certain Juniper Networks products (E-series routers and integrated firewall/IPsec VPN appliances) include an implementation of dhcpd. However, no Juniper Networks product includes dhcpd code from ISC. Therefore, Juniper Networks products are not susceptible to these vulnerabilities.
Implementation:
Juniper Networks products are not susceptible to the vulnerabilities described above. No action is required.
Severity Level:
None
Severity Assessment:
Juniper Networks products are not susceptible to this vulnerability.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search