[j-nsp] Unrecognized ICMP6 type

Paul Goyette pgoyette at juniper.net
Sat Jun 19 09:55:08 EDT 2004

The specially-crafted packet itself does NOT "make a JUNOS
box fall over"!

It _does_ cause a memory leak in the packet forwarding engine,
which can eventually cause problems.

This PR was originally not recognized as presenting a security
hole (DoS attack vector).  I have just updated it to reflect
the severity of the problem.

-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net]On Behalf Of Daniel Roesen
Sent: Saturday, June 19, 2004 5:58 AM
To: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] Unrecognized ICMP6 type

On Sat, Jun 19, 2004 at 10:24:07AM +0200, Philippe PEGON wrote:
> and the box stop routing regularly. Juniper has spot this problem, it's a
> memory leak with some ICMP6 packets. A problem report was open in juniper
> (PR48386) to solve that.

Interesting, so "carefully crafted" ICMPv6 packets can make a JUNOS
box fall over?

/me awaits a security alert..

juniper-nsp mailing list juniper-nsp at puck.nether.net

More information about the juniper-nsp mailing list