
Certain crafted packets can crash Steel-Belted Radius or hijack the server machine.

Article ID: JSA10385
Category: Security Advisories
Last Updated: 05 Mar 2017
Version: 2.0
Legacy Advisory Id:

Product Affected:
Steel-Belted Radius v5.3.2 (MIM [Mobile IP Module])
Steel-Belted Radius v5.4.0 (Enterprise, Global Enterprise, Service Provider, and SIM Server Editions)
Steel-Belted Radius v5.4.1 (Enterprise, Global Enterprise, and Service Provider Editions)
Steel-Belted Radius v5.5.0 (HA [High Availability] Edition)
Steel-Belted Radius v6.0.1 (Enterprise, Global Enterprise, and Service Provider Editions)
Steel-Belted Radius v6.1.0 (Enterprise, Global Enterprise, and Service Provider Editions)

By sending crafted, invalid data to the TCP administration port (1813 by default) or the TCP control port (1812 by default), an attacker may be able to crash the SBR server process. An attacker may also be able to inject code that will run as root on the server machine.

If firewalls or other measures in your enterprise protect these ports well enough, then this vulnerability may not be serious for you.
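As an added illustration of the firewall point above (this is not part of the advisory and not Juniper code): a small detector that reviews firewall connection records for TCP connections to the SBR control (1812) and administration (1813) ports from outside a management network. The log line shape, the management network 10.0.5.0/24 and the sample records are constructed assumptions; UDP traffic on the same port numbers is ordinary RADIUS authentication and accounting and is deliberately not flagged.

```python
import ipaddress
import re

# Ports named in the advisory: the TCP control port (1812) and the TCP
# administration port (1813). UDP 1812/1813 carry normal RADIUS
# authentication/accounting traffic and are out of scope here.
SBR_TCP_PORTS = {1812, 1813}

# Constructed log line shape, loosely modelled on netfilter-style
# firewall logs; a real deployment would adapt the regex to its own format.
LOG_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\w+) "
    r"SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)"
)


def flag_exposed_connections(lines, allowed_cidrs):
    """Return (src, dst, dport) tuples for TCP connections to the SBR admin
    or control port whose source lies outside every allowed network."""
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not a connection record we understand
        if m["proto"] != "TCP" or int(m["dpt"]) not in SBR_TCP_PORTS:
            continue  # UDP RADIUS traffic or an unrelated port
        src = ipaddress.ip_address(m["src"])
        if not any(src in net for net in allowed):
            hits.append((m["src"], m["dst"], int(m["dpt"])))
    return hits


# Constructed sample records (not taken from any real system).
SAMPLE_LOG = [
    "kernel: IN=eth0 SRC=10.0.5.20 DST=10.0.1.10 PROTO=TCP SPT=50000 DPT=1812",
    "kernel: IN=eth0 SRC=198.51.100.7 DST=10.0.1.10 PROTO=TCP SPT=40123 DPT=1813",
    "kernel: IN=eth0 SRC=198.51.100.7 DST=10.0.1.10 PROTO=UDP SPT=1812 DPT=1812",
    "kernel: IN=eth0 SRC=203.0.113.9 DST=10.0.1.10 PROTO=TCP SPT=33333 DPT=1812",
    "kernel: IN=eth0 SRC=10.0.5.21 DST=10.0.1.10 PROTO=TCP SPT=50001 DPT=22",
]

if __name__ == "__main__":
    # Only the two TCP connections from outside 10.0.5.0/24 are reported.
    for hit in flag_exposed_connections(SAMPLE_LOG, ["10.0.5.0/24"]):
        print("unexpected access to SBR TCP port:", hit)
```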

This issue affects all versions of SBR built prior to July 31, 2008 running on Linux or Solaris platforms. Versions of SBR running on Windows platforms are not affected.
Juniper has created a patch for each affected version.
Please see the attached document for instructions on installing the patches.
Modification History:

2017-03-05: Category restructure.

Severity Level:
Severity Assessment:
This vulnerability is a remotely exploitable Denial of Service and hijack. An attacker requires no logon access or other privileges on the Steel-Belted Radius server.

