Juniper’s Junos Could Open Routers to TCP Attacks

UPDATE Some systems running older versions of Juniper Networks’ Junos OS software could be vulnerable to a transmission control protocol (TCP) flaw that can enable a hacker to crash and reboot certain routers.

According to Australia’s IT News, an attacker could send a specially crafted TCP packet to a listening port on a Juniper Routing Engine that could crash the kernel and reboot the system. The site claims systems that use versions of Junos older than Jan. 17 are directly affected, but that recent versions contain a fix for the problem.

When contacted Friday, officials from Juniper Networks confirmed the TCP vulnerability, maintaining that the problem was found during routine internal product testing. Cindy Ta, the director of corporate communications at Juniper Networks, asserts, however, that the company’s Security Incident Response Team (SIRT) has been unable to document any malicious exploits that use the vulnerability so far.

The company is instructing any concerned customers to contact Juniper Customer Support, which classifies the issue as a “high alert” vulnerability, for further information and solutions.

Juniper’s advisory suggests that users apply access lists or firewall filters on their routers, “deployed on both the edge and control plane, and source address anti-spoofing to prevent traffic from bogus addresses reaching the devices.” Unicast reverse-path-forwarding, a tool that can be used to reduce the forwarding of potentially dangerous IP packets, can also be used to prevent exploits, Juniper said.
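As an added illustration of those mitigations (not taken from Juniper’s advisory), a Junos configuration fragment could pair a control-plane filter on the loopback interface with strict unicast reverse-path-forwarding on an edge interface. The filter, term and prefix-list names, the 192.0.2.0/24 documentation range and the ge-0/0/0 interface are assumptions chosen for the example.

```junos
/* Added example. Names, 192.0.2.0/24 and ge-0/0/0 are constructed placeholders. */
policy-options {
    prefix-list TRUSTED-TCP-PEERS {
        192.0.2.0/24;
    }
}
firewall {
    family inet {
        filter PROTECT-RE {
            term trusted-tcp {
                from {
                    source-prefix-list {
                        TRUSTED-TCP-PEERS;
                    }
                    protocol tcp;
                }
                then accept;
            }
            /* Any other TCP packet addressed to the Routing Engine is dropped */
            term other-tcp {
                from {
                    protocol tcp;
                }
                then discard;
            }
            term everything-else {
                then accept;
            }
        }
    }
}
interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input PROTECT-RE;
                }
            }
        }
    }
    ge-0/0/0 {
        unit 0 {
            family inet {
                /* Strict uRPF: drop packets whose source has no route back via this interface */
                rpf-check;
            }
        }
    }
}
```

The filter is stateless, so every BGP neighbor and management host that exchanges TCP with the Routing Engine, including the far end of sessions the router itself opens, has to be in the prefix list before the filter is committed. Strict `rpf-check` drops legitimate traffic on links with asymmetric routing, so it belongs on single-homed edge interfaces.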

UPDATE: Juniper reports customers can now “obtain updated code through their normal support channels.” Customers are also encouraged to contact Juniper’s Customer Support Center for further “solution implementation.”
