[nsp-sec] Juniper Security Advisories - please check if you are a customer and not received E-mails

Barry Raveendran Greene bgreene at senki.org
Wed Jan 6 19:45:04 EST 2010 

[Sent from my senki.org account.]

Juniper posted today seven security advisories to our customers.  These are
all scheduled security advisories as part of a monthly schedule (similar to
Microsoft's Patch Tuesday).  All have fixed code available and feasible
workarounds which can be used and deployed immediately by our customers.
Because of Juniper's "Entitled Disclosure Policy," only our customers and
partners are allowed access to the details of the Security Advisory.

You can access the Security Advisories via our Tech Bulletins:
https://www.juniper.net/alerts/

The title of the advisories and PSN numbers are:

    * as-path-prepend and specific length AS_PATH we can cause a Juniper to
send corrupted update packets to eBGP neighbors (PSN-2010-01-622)
    * Invalid RSVP packet causes RPD process busy loop and router becomes
unresponsive (PSN-2010-01-625)
    * RPD cores when injected with malformed PIM messages (PSN-2010-01-627)
    * Malformed AS-4 Byte Transitive Attributes Drop BGP Sessions
(PSN-2010-01-626)
    * Kernel cores when it receives a crafted TCP option (PSN-2010-01-623)
    * Unauthorized user can obtain root access using cli (PSN-2010-01-624)
    * Sending a Crafted RSVP Path Object Overloads the RPD Process
(PSN-2010-01-621)

While many of these have high CVSS Base scores, they should _NOT_ trigger
anyone to do any "rapid upgrading." PSN-2010-01-623 is the one with the most
direct impact. That one can have risk reduced with narrowing the attack
surface with good packet filtering and anti-spoofing for all the network's
infrastructure addresses. We know that "rapid upgrading" is 100% guaranteed
to cause collateral damage in a network while the active exploitation of
network vendor vulnerabilities are "iffy." Be paranoid and cautions, but
please don't overreact.

Please ping me if you have any questions,

Barry

Barry Raveendran Greene
Director, Juniper Security Incident Response Team (SIRT)

Tel (Office): +1 408 936-6887
Tel (Cell): +1 408 218-4669
E-mail: bgreene at juniper.net
! 
Chat Locations:
AIM: Barry R Greene
MSN: BarryRGreene
Yahoo: BarryRGreene
Skype: barrygreene
Jabber: barryrgreene at jabber.tisf.net
MSN: BarryRGreene at hotmail.com

PGP: 0x16BF45F3

More information about the nsp-security mailing list