Security flaw in Juniper's JunOS can be used to crash routers

Powered by SC Magazine
 

Crafted packets roger routers.

A serious flaw in the operating system running Juniper routers can make them crash and reboot, the network equipment vendor has advised.

By sending a specially crafted transmission control protocol (TCP) packet to a listening port on a Juniper Routing Engine, it's possible to make the kernel in JunOS crash, and cause them to swich over or reboot.

The chief technical officer at New Zealand ISP and Juniper Elite partner Snap Internet, Sam Brock-Smith labelled the flaw "nasty".

"It has the potential to crash or lock up core Juniper routers," Brock-Smith said.

Snap Internet uses Juniper switches and routers extensively on its national network and at overseas locations, Brock-Smith said, adding that the provider's engineering team is working with the Juniper Technical Assistance Centre (JTAC) to ensure it is protected against the vulnerability.

 

Juniper T4000. Source: vendor

While specific details of what triggers the flaw weren't given, versions of JunOS older than January 17 are affected, Juniper said, with newer ones containing a fix for the problem.

A Juniper spokesperson confirmed the vulnerability to iTnews.

"During routine internal product testing, Juniper discovered a potential TCP vulnerability that affects certain releases of JunOS software," the spokesperson said.

"The Juniper Networks Security Incident Response Team (SIRT) is not aware of any malicious exploitation of this vulnerability.

"We are encouraging our customers to contact Juniper's Customer Support Center for a detailed advisory and solution implementation."

The spokesperson said the vendor was "committed to the responsible disclosure of security vulnerabilities."

Apart from getting a fixed version of JunOS, Juniper suggests in an advisory using access lists or firewall filters for the routers, deployed on both the edge and control plane, and source address anti-spoofing to prevent traffic from bogus addresses reaching the devices.

Unicast reverse path forwarding — which checks if the IP address in a packet is reachable and if not, drops it —  can also be utilised to mitigate against the attack, together with RFC 3682 time-to-live security.

Juniper had approximately 20 percent of the router and switch market in 2012, according to a Bloomberg report.

Update, 5/2: A spokesperson told iTnews that "fixes are available for all affected platforms."

Copyright © iTnews.com.au . All rights reserved.


Security flaw in Juniper's JunOS can be used to crash routers
 
 
 
Top Stories
Business-focused Windows 10 brings back the Start menu
Microsoft skips 9 for the "greatest enterprise platform ever".
 
Feeling Shellshocked?
Stay up to date with patching for the Bash bug.
 
Amazon forced to reboot EC2 to patch Xen bug
Rolling restarts over next week.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  66%
 
Advanced persistent threats
  4%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1357

Vote