Educause Security Discussion mailing list archives
Juniper router issue
From: "Bruhn, Mark S." <mbruhn () INDIANA EDU>
Date: Fri, 14 Mar 2003 09:25:02 -0500
Some of you who are close to your network engineers (or ARE your network engineers) may have seen this alert from Juniper. We've been discussing their release of this information for a couple of days... The first item is a general notification that we helped them write, and the second is the email they sent to their customers. At the URL they cite, which requires a login, there is very specific technical detail about what specifically will crash the routers. M. -- Mark S. Bruhn, CISSP Chief IT Security and Policy Officer Interim Directory, Research and Higher Education Information Sharing and Analysis Center Office of the Vice President for Information Technology and CIO Indiana University 812-855-0326 Incidents involving IU IT resources: it-incident () iu edu Complaints/kudos about OVPIT/UITS services: itombuds () iu edu Juniper routers which route IPv6 and are running JUNOS releases built before January 6, 2003 are vulnerable to a IPv6 packet with a specific next-header value which can crash the router. The packet contains an unsupported value in the next-header field of the IPv6 header which may result in a kernel crash, which will cause the router reboot. The router still forwards the packet towards its destination which could cause other intermediate routers to crash. The Abilene network discovered this problem on February 24th when five of their core routers crashed between 12:30 and 13:00 EST. We are aware of a provider in Japan and a provider in Europe who saw the same problem at approximately the same time. This leads us to believe the packet that caused this incident had a source and destination in Europe and Asia. There is no indication that this was done intentionally. Juniper was unaware of this particular bug until it was encountered by Abilene. Upon further investigation and testing, Juniper determined a fix put in place for a related matter alleviated this issue as well. This fix is provided in a currently available version of code (either 5.5R3 or 5.6R2) and there is a workaround available for prior releases of code. Date: Thu, 13 Mar 2003 10:48:43 -0800 (PST) From: pa-admin () juniper net To: XXXX () iu edu Subject: New Juniper Technical Bulletin - PSN-2003-03-002 The Juniper Networks Technical Assistance Center (JTAC) announces the following Technical Bulletin that is available on our Customer Support Center website. You will need a valid login ID on www.juniper.net in order to view the full description. Technical Bulletin Subject: Incorrect parsing of IPv6 packets may cause the kernel to panic Detailed information can be found at the following URL (login required): http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2003-03-0 02&actionBtn=Search If you do not have a valid login ID, you can submit your application at the following URL: http://www.juniper.net/gainaccess.htm NOTE: A Technical Bulletin is a formal notice regarding critical and/or potentially service-affecting hardware and software product issues. The Technical Bulletin process allows the proactive communication of pertinent information to both customers and partners. For further information, please contact the Juniper Technical Assistance Center(JTAC) by e-mail at support () juniper net, or by phone: (888) 314-JTAC (within the US) +1 408-745-2121 (outside the US) If you have any questions about the review or its process, please email mailto:pa-admin () juniper net. If you would like to Edit your Alert Preferences and/or Unsubscribe yourself from this mailing list please go to the below URL: http://www.juniper.net/alerts/subscribe.jsp?actionBtn=Modify ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- Juniper router issue Bruhn, Mark S. (Mar 14)