Juniper Networks, Inc. Information for VU#222750
TCP/IP implementations do not adequately validate ICMP error messages
- Vendor Information Help Date Notified: 12 Aug 2004
- Statement Date:
- Date Updated: 05 May 2005
Juniper Networks M-series and T-series routers running software built prior to August 18, 2004, are susceptible to this vulnerability. Software built on or after that date disables processing of ICMP Source Quench messages, permits the user to disable Path MTU Discovery, and has additional verification enabled for PMTUD. The various forms of ICMP Unreachable messages are already ignored except during session establishment.
Other Juniper Networks products are not susceptible to this vulnerability. Customers should visit the Juniper Networks Customer Service Center web-site for further information:
The vendor has not provided us with any further information regarding this vulnerability.
If you have feedback, comments, or additional information about this vulnerability, please send us email.