iTnews

Security flaw in Juniper's JunOS can be used to crash routers

By Juha Saarinen on Feb 1, 2013 12:20PM

Crafted packets roger routers.

A serious flaw in the operating system running Juniper routers can make them crash and reboot, the network equipment vendor has advised.

By sending a specially crafted transmission control protocol (TCP) packet to a listening port on a Juniper Routing Engine, it's possible to make the kernel in JunOS crash, causing the router to switch over or reboot.

The chief technical officer at New Zealand ISP and Juniper Elite partner Snap Internet, Sam Brock-Smith, labelled the flaw "nasty".

"It has the potential to crash or lock up core Juniper routers," Brock-Smith said.

Snap Internet uses Juniper switches and routers extensively on its national network and at overseas locations, Brock-Smith said, adding that the provider's engineering team is working with the Juniper Technical Assistance Centre (JTAC) to ensure it is protected against the vulnerability.

 

Juniper T4000. Source: vendor

While specific details of what triggers the flaw weren't given, versions of JunOS older than January 17 are affected, Juniper said, with newer ones containing a fix for the problem.

A Juniper spokesperson confirmed the vulnerability to iTnews.

"During routine internal product testing, Juniper discovered a potential TCP vulnerability that affects certain releases of JunOS software," the spokesperson said.

"The Juniper Networks Security Incident Response Team (SIRT) is not aware of any malicious exploitation of this vulnerability.

"We are encouraging our customers to contact Juniper's Customer Support Center for a detailed advisory and solution implementation."

The spokesperson said the vendor was "committed to the responsible disclosure of security vulnerabilities."

Apart from installing a fixed version of JunOS, Juniper's advisory suggests protecting the routers with access lists or firewall filters, deployed on both the edge and control plane, and using source address anti-spoofing to prevent traffic from bogus addresses reaching the devices.

Unicast reverse path forwarding — which checks if the IP address in a packet is reachable and if not, drops it — can also be utilised to mitigate the attack, together with RFC 3682 time-to-live security.
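The layered checks described in the two paragraphs above can be modelled as a short decision function. This is an added example, not Juniper's code or configuration: the routing table, interface names, peer list and packets are constructed, and the TTL threshold of 255 assumes a directly connected peer.

```python
import ipaddress

# Constructed routing table: prefix -> interface the best route points out of.
ROUTES = {
    "192.0.2.0/24": "ge-0/0/1",     # customer LAN
    "198.51.100.0/30": "ge-0/0/2",  # link to a directly connected BGP peer
}
# Constructed allow-list of sources permitted to reach the routing engine.
TRUSTED_PEERS = [ipaddress.ip_network("198.51.100.0/30")]
GTSM_MIN_TTL = 255  # assumption: adjacent peer sends at 255, nothing decrements it

def best_route(src):
    """Longest-prefix match of src against ROUTES; None if unreachable."""
    addr = ipaddress.ip_address(src)
    matches = [(ipaddress.ip_network(p), ifc) for p, ifc in ROUTES.items()
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen, default=None)

def urpf_pass(src, ingress, strict=True):
    """Loose: some route back to src exists. Strict: it uses the ingress interface."""
    route = best_route(src)
    if route is None:
        return False
    return route[1] == ingress if strict else True

def control_plane_verdict(src, ingress, ttl):
    """Apply the three checks in order and name the first one that drops."""
    if not urpf_pass(src, ingress):
        return "drop: uRPF"
    if not any(ipaddress.ip_address(src) in net for net in TRUSTED_PEERS):
        return "drop: filter"
    if ttl < GTSM_MIN_TTL:
        return "drop: TTL security"
    return "accept"

# Constructed packets addressed to a TCP port on the routing engine.
SAMPLES = [
    ("198.51.100.2", "ge-0/0/2", 255),  # genuine adjacent peer
    ("198.51.100.2", "ge-0/0/1", 255),  # peer address arriving on the wrong interface
    ("192.0.2.77", "ge-0/0/1", 64),     # routable host that is not a peer
    ("198.51.100.2", "ge-0/0/2", 250),  # peer address, but TTL shows it was routed
    ("203.0.113.9", "ge-0/0/2", 255),   # source with no route back
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", control_plane_verdict(*pkt))
```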

Juniper had approximately 20 percent of the router and switch market in 2012, according to a Bloomberg report.

Update, 5/2: A spokesperson told iTnews that "fixes are available for all affected platforms."
