Juniper Networks, Inc.
Notified: August 12, 2004 Updated: May 05, 2005
Juniper Networks M-series and T-series routers running software built prior to August 18, 2004, are susceptible to this vulnerability. Software built on or after that date disables processing of ICMP Source Quench messages, permits the user to disable Path MTU Discovery, and has additional verification enabled for PMTUD. The various forms of ICMP Unreachable messages are already ignored except during session establishment. Other Juniper Networks products are not susceptible to this vulnerability. Customers should visit the Juniper Networks Customer Service Center web-site for further information: http://www.juniper.net/customers/csc
The vendor has not provided us with any further information regarding this vulnerability.
Please see http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en and https://www.juniper.net/customers/csc.