7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
8.7 High
AI Score
Confidence
High
0.877 High
EPSS
Percentile
98.7%
Denial of Service vulnerability in Junos ISC Bind version.
# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/o:juniper:junos";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.105996");
script_cve_id("CVE-2014-8500");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_version("2023-07-25T05:05:58+0000");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Juniper Networks Junos OS Bind Denial of Service Vulnerability");
script_xref(name:"URL", value:"http://kb.juniper.net/JSA10676");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/71590");
script_tag(name:"summary", value:"Denial of Service vulnerability in Junos ISC Bind version.");
script_tag(name:"impact", value:"An network based attacker can cause a denial of service condition
on SRX devices.");
script_tag(name:"insight", value:"ISC BIND software included with Junos for SRX series devices
is affected by CVE-2014-8500. This issue only affects SRX devices where 'set system services dns dns-proxy'
has been configured. This is not enabled by default on SRX devices. This issue does not affect other
Junos OS based devices as they do not have BIND DNS server feature.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable OS build is present on the target host.");
script_tag(name:"solution", value:"New builds of Junos OS software are available from Juniper.");
script_tag(name:"affected", value:"Junos OS 12.1X44, 12.1X46 and 12.1X47 on SRX devices");
script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
script_tag(name:"creation_date", value:"2015-05-28 10:52:59 +0700 (Thu, 28 May 2015)");
script_category(ACT_GATHER_INFO);
script_family("JunOS Local Security Checks");
script_copyright("Copyright (C) 2015 Greenbone AG");
script_dependencies("gb_juniper_junos_consolidation.nasl");
script_mandatory_keys("juniper/junos/detected", "juniper/junos/model");
exit(0);
}
include("host_details.inc");
include("revisions-lib.inc");
model = get_kb_item("juniper/junos/model");
if (!model || (model !~ '^SRX[0-9]+'))
exit(99);
if (!version = get_app_version(cpe: CPE, nofork: TRUE))
exit(0);
if (version =~ "^12") {
if ((revcomp(a:version, b:"12.1X44-D50") < 0) &&
(revcomp(a:version, b:"12.1X44") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"12.1X46-D35") < 0) &&
(revcomp(a:version, b:"12.1X46") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"12.1X47-D25") < 0) &&
(revcomp(a:version, b:"12.1X47") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
}
exit(99);