CVE-2015-5363 Juniper Junos: SRX Network Security Daemon Denial of Service Vulnerability (JSA10692)

Junos OS is the FreeBSD-based operating system used in Juniper Networks hardware routers.

The SRX Network Security Daemon (nsd) in SRX Series services gateways is susceptible to a denial of service vulnerability. This issue can happen while processing certain DNS response messages for name resolution requests initiated by the SRX device. An attack would require a rogue DNS server.

Affected version
Junos 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15

On successful exploitation it allows remote DNS servers to cause a denial of service (crash) via a crafted DNS response.

Update to JUNOS version Junos OS 12.1X44-D50, 12.1X46-D35, 12.1X47-D25, 12.3X48-D15 or later.

Refer to JSA10692 for further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

JSA10692