Updated: June 20, 2004
Not Affected
Not Vulnerable
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: June 20, 2004
Affected
For registered Juniper customers, please see: https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2004-06-009&actionBtn=Search Number PSN-2004-06-009 Title Remotely exploitable ICMPv6 denial-of-service (DoS) attack (CERT/CC VU#658859) Products Affected All Juniper Networks M-series and T-series routing platforms with IPv6 enabled. # Platforms Affected JUNOS 6.x # Security Revision Number 1 PSN Issue When an incoming IPv6 packet requires the router to generate an ICMPv6 response, the response might not be generated and the buffer containing the original packet might not be released. Eventually the Packet Forwarding Engine CPU might exhaust its packet memory and reboot. This problem exists in all JUNOS Release 6.x software built on or after February 24, 2004 running on M-series and T-series routing platforms, and is tracked as PR/48386. Solution The JUNOS software has been modified to release the memory occupied by the original IPv6 packets. Solution Implementation All JUNOS software built on or after June 21, 2004 includes the corrected code. Customers running in an IPv6 environment are strongly encouraged to upgrade their software to incorporate this correction. Contact Juniper Networks Technical Assistance Center for availability and download instructions. Risk Level - High Risk Assessment This remotely exploitable Denial of Service attack vector exists in all Juniper Networks M-series and T-series routing platforms on which IPv6 is enabled.
The vendor has not provided us with any further information regarding this vulnerability.
CERT/CC is tracking this issue as VU#658859. CERT/CC has been notified by Juniper that they are tracking this issue under PR/48386. Please contact the Juniper Technical Assistance Center (JTAC) for more information: http://www.juniper.net/support/requesting-support.html mailto:support@juniper.net +1-888-314-JTAC (within the United States, Canada, or Mexico) +1-408-745-9500 (from other countries)