Juniper Networks MX Series Routers JUNOS 'Ktree::createFourWayNode' Denial of Service Vulnerability

BID:50653

Info

Juniper Networks MX Series Routers JUNOS 'Ktree::createFourWayNode' Denial of Service Vulnerability

Bugtraq ID: 50653
Class: Failure to Handle Exceptional Conditions
CVE:
Remote: Yes
Local: No
Published: Nov 11 2011 12:00AM
Updated: Nov 03 2015 08:12PM
Credit: Reported by the vendor
Vulnerable: Juniper Networks MX960 0
Juniper Networks MX80 0
Juniper Networks MX5 0
Juniper Networks MX480 0
Juniper Networks MX40 0
Juniper Networks MX240 0
Juniper Networks MX10 0
Juniper Networks JUNOS 11.1
Juniper Networks JUNOS 10.4
Juniper Networks JUNOS 10.3
Juniper Networks JUNOS 10.2
Juniper Networks JUNOS 10.1
Juniper Networks JUNOS 10.0
Not Vulnerable: Juniper Networks JUNOS 11.2R1
Juniper Networks JUNOS 11.1R4
Juniper Networks JUNOS 10.4R6
Juniper Networks JUNOS 10.0S18

Discussion

Juniper Networks MX Series Routers JUNOS 'Ktree::createFourWayNode' Denial of Service Vulnerability

Juniper Networks JUNOS is prone to a denial-of-service vulnerability that affects the MX Series routers.

Exploiting this issue allows remote attackers to cause denial-of-service conditions.

Note: This issue only affects MX Series routers with port concentrators based on the Trio chipset (e.g. MPC or embedded into the MX80).

JUNOS 10.x prior to 10.4R6, and 11.x prior to 11.1R4 are vulnerable.

Exploit / POC

Juniper Networks MX Series Routers JUNOS 'Ktree::createFourWayNode' Denial of Service Vulnerability

Attackers can use readily available tools to exploit this issue.

Solution / Fix

Juniper Networks MX Series Routers JUNOS 'Ktree::createFourWayNode' Denial of Service Vulnerability

Solution:
Updates are available. Please contact the vendor for more information.

References

Juniper Networks MX Series Routers JUNOS 'Ktree::createFourWayNode' Denial of Service Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report