|
|
|
View Notes By
|
|
|
|
Other Documents
|
|
|
|
|
Juniper Networks Information for VU#658859
| Date Notified: | |
| Date Updated: | |
| Statement Date: | |
| Status Summary: | Vulnerable |
Vendor StatementFor registered Juniper customers, please see: https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2004-06-009&actionBtn=Search
Number PSN-2004-06-009
Title Remotely exploitable ICMPv6 denial-of-service (DoS) attack
(CERT/CC VU#658859)
Products Affected All Juniper Networks M-series and T-series routing
platforms with IPv6 enabled.
# Platforms Affected JUNOS 6.x
# Security
Revision Number 1
PSN Issue
When an incoming IPv6 packet requires the router to generate an
ICMPv6 response, the response might not be generated and the buffer
containing the original packet might not be released. Eventually the
Packet Forwarding Engine CPU might exhaust its packet memory and
reboot. This problem exists in all JUNOS Release 6.x software built
on or after February 24, 2004 running on M-series and T-series
routing platforms, and is tracked as PR/48386.
Solution
The JUNOS software has been modified to release the memory occupied
by the original IPv6 packets.
Solution Implementation
All JUNOS software built on or after June 21, 2004 includes the
corrected code. Customers running in an IPv6 environment are strongly
encouraged to upgrade their software to incorporate this correction.
Contact Juniper Networks Technical Assistance Center for availability
and download instructions.
Risk Level - High
Risk Assessment
This remotely exploitable Denial of Service attack vector exists in
all Juniper Networks M-series and T-series routing platforms on which
IPv6 is enabled.Vendor InformationThe vendor has not provided us with any further information regarding this vulnerability.
AddendumCERT/CC is tracking this issue as VU#658859. CERT/CC has been notified by Juniper that they are tracking this issue under PR/48386. Please contact the Juniper Technical Assistance Center (JTAC) for more information:
|
 |
