Juniper Networks, Inc. Information for VU#800113

Multiple DNS implementations vulnerable to cache poisoning

Status

Affected

Vendor Statement

Juniper Networks has confirmed that several of its software products are susceptible to this vulnerability.  Customers using products from the following list are encouraged to contact Juniper's Customer Support Center for more detailed information and for product updates.

Vulnerable products:
* Network firewalls running ScreenOS software
* J-series routers running JUNOS Enhanced Services Software (junos-jsr) built prior to May 23, 2008.
* Juniper switching products running JUNOS Enhanced Switching Software (junos-ex) built prior to May 23, 2008.

Other Juniper Networks products are NOT susceptible to this vulnerability.

More information is available to registered customers at
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2008-06-040&viewMode=view

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.