[j-nsp] junos vulnerability

Levent Ogut (posts) lom at doruk.net.tr
Wed Jan 26 15:02:12 EST 2005


Sorry , I did a stupid mistake, I was trying to forward the e-mail to  
someone,

I apologize from all the list members.


On Wed, 26 Jan 2005 19:35:29 -0000, Levent Ogut (posts) <lom at doruk.net.tr>  
wrote:

> Bugun vulnerability gunu, dunyanin heryerinde kutlayalim
>
>
>
>
>
> Title Security Vulnerability in JUNOS Software
>
> Products Affected All M-series and T-series routing platforms
>
> Platforms Affected
> &#56256;&#56442; Security
> &#56256;&#56442; JUNOS 7.x
> &#56256;&#56442; JUNOS 5.x
> &#56256;&#56442; JUNOS 6.x
> &#56256;&#56442; JUNOS 3.x
> &#56256;&#56442; JUNOS 4.x
>
> Revision Number 1
>
> Issue Date 2005-01-26
>
> PSN Issue : Juniper Networks has identified a serious security
> vulnerability
> within our JUNOS Software. This vulnerability could be exploited either  
> by
> a
> directly-attached neighboring device or by a remote attacker that can
> deliver certain packets to the router. Routers running vulnerable JUNOS
> software are susceptible regardless of the router's configuration. It is
> not
> possible to use firewall filters to protect vulnerable routers. This
> vulnerability is specific to Juniper Networks routers running JUNOS
> software
> releases built prior to January 7, 2005. Routers that do not run JUNOS
> software are not susceptible to this vulnerability. Juniper Networks is  
> not
> aware of any actual or attempted exploit of this vulnerability.
>
> Solution: JUNOS software has been modified to address this vulnerability.
> All versions of JUNOS software built on or after January 22, 2005 contain
> the modified code. Software built between January 7 and January 22 may
> contain the modified code, depending on the specific JUNOS release.
> Solution Implementation: All customers are strongly encouraged to upgrade
> their software to a release that contains the modified code. Pointers to
> software releases that contain the corrected code can be found in the
> Related Links section below. Customers can also contact the Juniper
> Networks
> Technical Assistance Center for download information.
>
> RelatedLinks
> &#56256;&#56442; Software Download Links
>
> Attributes
> Audience Customer Service
>
> Alert Type Product Support Notification
>
> Risk Level High
>
> Risk Assessment
> Both directly-attached and remote attackers can severely disrupt normal
> operation of the routing
> platform.
>
> Created Date 2005-01-26 05:13:46.0
>
> Last Modified
> Date
> 2005-01-26 05:13:46.0
> << Back
> [Search Tips]
> Page 1 of 1 Juniper Networks, Inc. - JTAC Technical Bulletins View
> 27-Jan-05
> http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2005-01-...
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp





More information about the juniper-nsp mailing list