Juniper Networks Information for VU#738331
Domain Name System (DNS) resolver libraries vulnerable to read buffer overflow
Juniper Networks has determined that its JUNOS Internet Software, used on the M- and T-series of router products, is susceptible to this vulnerability in versions 5.2R1.4, 5.2R2.3, 5.2R3.4, 5.2R4.4, 5.3R1.2, 5.3R2.4, 5.3R3.3, and 5.4R1.4. Customers should contact Juniper or their Juniper reseller to obtain an updated version of JUNOS software.
Juniper Networks has determined that the operating software used on the ERX router products is not susceptible to this vulnerability. No software upgrade is required. However, the SDX-300 Service Deployment system may be susceptible if it is installed on a susceptible host platform. Users of SDX-300 should contact their host operating system vendor regarding this advisory.
The Juniper Networks G10 CMTS product is not susceptible to this vulnerability. No upgrade is required.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.