[j-nsp] Unrecognized ICMP6 type
Paul Goyette
pgoyette at juniper.net
Mon Jun 21 13:56:13 EDT 2004
As reported earlier, Juniper has released Technical Bulletin
PSN-2004-06-009 concerning this problem. Registered customers
can access the bulletin at
https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2004-06-009
Yes, indeed, it is a security vulnerability, and CERT/CC has
assigned it VU#658859 (although nothing appears on their web
site yet).
-----Original Message-----
From: Wayne E. Bouchard [mailto:web at typo.org]
Sent: Monday, June 21, 2004 10:51 AM
To: Paul Goyette
Cc: Daniel Roesen; juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] Unrecognized ICMP6 type
Okay, so this is a DDOS problem then. skript kiddie launches a ICMP
bomb against the box and makes it run out of RAM and cease normal
function necessitating a reboot.
Still a security thing.
On Sat, Jun 19, 2004 at 06:55:08AM -0700, Paul Goyette wrote:
> The specially-crafted packet itself does NOT "make a JUNOS
> box fall over"!
>
> It _does_ cause a memory leak in the packet forwarding engine,
> which can eventually cause problems.
>
> This PR was originally not recognized as presenting a security
> hole (DoS attack vector). I have just updated it to reflect
> the severity of the problem.
>
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net
> [mailto:juniper-nsp-bounces at puck.nether.net]On Behalf Of Daniel Roesen
> Sent: Saturday, June 19, 2004 5:58 AM
> To: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] Unrecognized ICMP6 type
>
>
> On Sat, Jun 19, 2004 at 10:24:07AM +0200, Philippe PEGON wrote:
> > and the box stop routing regularly. Juniper has spot this problem, it's
a
> > memory leak with some ICMP6 packets. A problem report was open in
juniper
> > (PR48386) to solve that.
>
> Interesting, so "carefully crafted" ICMPv6 packets can make a JUNOS
> box fall over?
>
> /me awaits a security alert..
>
>
> Regards,
> Daniel
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
---
Wayne Bouchard
web at typo.org
Network Dude
http://www.typo.org/~web/
More information about the juniper-nsp
mailing list