SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#658859

Juniper JUNOS Packet Forwarding Engine (PFE) IPv6 memory leak

Overview

The Juniper JUNOS Packet Forwarding Engine (PFE) leaks memory when certain IPv6 packets are submitted for processing. If an attacker submits multiple packets to a vulnerable router running IPv6-enabled PFE, the router can be repeatedly rebooted, essentially creating a denial of service for the router.

I. Description

Juniper routers running JUNOS use a Packet Forwarding Engine (PFE) to forward network packets to specified destinations. A memory leak has been found in all JUNOS PFEs released after February 24, 2004. This leak can be triggered under certain specific conditions, which may lead to memory exhaustion on vulnerable JUNOS routers. After memory exhaustion occurs, the system will reboot and resume normal operation. However, repeated attacks may cause vulnerable systems to repeatedly reboot, essentially creating a denial of service.

This issue is thought to affect only the JUNOS PFE. The JUNOS Packet Forwarding Engine (specifically, the IPv6 branch) is not derived from other code (i.e., FreeBSD).

II. Impact

A remote, unauthenticated attacker may cause a Juniper router to repeatedly reboot when multiple IPv6 packets are processed by the JUNOS of a vulnerable system. This would create a denial of service for the router.

III. Solution

Users registered at Juniper's support site should visit https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2004-06-009&actionBtn=Search

Disable IPv6 processing in the Packet Forwarding Engine.

Systems Affected

VendorStatusDate NotifiedDate Updated
Cisco Systems Inc.Not Vulnerable20-Jun-2004
Juniper NetworksVulnerable20-Jun-2004

References


https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2004-06-009&actionBtn=Search
http://www.juniper.net/support/requesting-support.html
http://www.jpcert.or.jp/at/2004/at040009.txt

Credit

Thanks to Juniper Networks for contributing to this document.

This document was written by Jeffrey S. Havrilla.

Other Information

Date Public:2004-06-29
Date First Published:2004-06-29
Date Last Updated:2004-06-29
CERT Advisory: 
CVE-ID(s):CAN-2004-0468
NVD-ID(s):CAN-2004-0468
US-CERT Technical Alerts: 
Metric:15.54
Document Revision:18

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2004 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader