[ISN] Easily spoofed traffic can crash routers, Juniper warns

From: InfoSec News <alerts_at_private>
Date: Fri, 8 Jan 2010 04:47:48 -0600 (CST)
http://www.theregister.co.uk/2010/01/07/juniper_critical_router_bug/

By Dan Goodin in San Francisco
The Register
7th January 2010

Juniper Networks is warning customers of a critical flaw in its gateway 
routers that allows attackers to crash the devices by sending them small 
amounts of easily-spoofed traffic.

In an advisory sent Wednesday afternoon, the networking company said a 
variety of devices could be forced to reboot by sending them internet 
packets with maliciously formed TCP options. The flaw affects versions 3 
through 10 of Junos, the operating system that powers devices at ISPs, 
backbones, and other large networks. Software releases built on or after 
January 28, 2009 have already fixed the issue.

"The Junos kernel will crash (i.e. core) when a specifically crafted TCP 
option is received on a listening TCP port," the bulletin, which was 
issued by Juniper's technical assistance center, stated. "The packet 
cannot be filtered with Junos's firewall filter. A router receiving this 
specific TCP packet will crash and reboot."

There are "no totally effective workarounds," the bulletin added.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Fri Jan 08 2010 - 02:47:48 PST

This archive was generated by hypermail 2.2.0 : Fri Jan 08 2010 - 02:56:32 PST