By Dan Goodin in San Francisco
7th January 2010
Juniper Networks is warning customers of a critical flaw in its gateway
routers that allows attackers to crash the devices by sending them small
amounts of easily-spoofed traffic.
In an advisory sent Wednesday afternoon, the networking company said a
variety of devices could be forced to reboot by sending them internet
packets with maliciously formed TCP options. The flaw affects versions 3
through 10 of Junos, the operating system that powers devices at ISPs,
backbones, and other large networks. Software releases built on or after
January 28, 2009 have already fixed the issue.
"The Junos kernel will crash (i.e. core) when a specifically crafted TCP
option is received on a listening TCP port," the bulletin, which was
issued by Juniper's technical assistance center, stated. "The packet
cannot be filtered with Junos's firewall filter. A router receiving this
specific TCP packet will crash and reboot."
There are "no totally effective workarounds," the bulletin added.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News