Systems running older versions of Juniper Networks’ Junos OS software could fall prey to a Transmission Control Protocol (TCP) flaw that can enable an attacker to crash and reboot routers.
An attacker could send a specially crafted TCP packet to a listening port on a Juniper Routing Engine, crashing the kernel and rebooting the system. Systems running Junos versions that predate Jan. 17 are affected; more recent versions contain a fix for the problem.
Juniper Networks officials confirmed the TCP vulnerability, saying they found the problem during routine internal product testing. Cindy Ta, the director of corporate communications at Juniper Networks, said the company’s Security Incident Response Team (SIRT) has been unable to document any malicious exploits that use the vulnerability.
The company is instructing any concerned customers to contact Juniper Customer Support, which classifies the issue as a “high alert” vulnerability, for further information and solutions.
Juniper’s advisory recommends that users apply access lists or firewall filters to their routers, “deployed on both the edge and control plane, and source address anti-spoofing to prevent traffic from bogus addresses reaching the devices.”
Unicast reverse-path-forwarding, a tool that can reduce the forwarding of potentially dangerous IP packets, can also prevent exploits, Juniper said.
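
The mitigations described above, sketched as Junos `set` commands. This is an added example, not configuration from Juniper's advisory; the filter name, prefix-list name, the 192.0.2.0/24 range and the interface ge-0/0/0 are assumptions to be replaced with local values.

```junos
# Constructed example values: RE-TRUSTED, PROTECT-RE, 192.0.2.0/24, ge-0/0/0.

# 1. Sources allowed to open TCP sessions to the Routing Engine.
#    Include management hosts and every BGP/LDP peer, or those
#    sessions will drop when the filter is committed.
set policy-options prefix-list RE-TRUSTED 192.0.2.0/24

# 2. Control-plane filter: accept TCP only from the trusted sources.
set firewall family inet filter PROTECT-RE term trusted-tcp from source-prefix-list RE-TRUSTED
set firewall family inet filter PROTECT-RE term trusted-tcp from protocol tcp
set firewall family inet filter PROTECT-RE term trusted-tcp then accept

# 3. Discard and count all other TCP aimed at the Routing Engine.
#    A rising counter shows untrusted hosts reaching listening ports.
set firewall family inet filter PROTECT-RE term other-tcp from protocol tcp
set firewall family inet filter PROTECT-RE term other-tcp then count re-tcp-discarded
set firewall family inet filter PROTECT-RE term other-tcp then discard

# 4. This sketch only narrows TCP exposure; other protocols pass unchanged.
set firewall family inet filter PROTECT-RE term everything-else then accept

# 5. Applying the filter to lo0 covers traffic destined to the
#    Routing Engine regardless of the ingress interface.
set interfaces lo0 unit 0 family inet filter input PROTECT-RE

# 6. Anti-spoofing on an edge interface: unicast RPF drops packets whose
#    source address has no route back through the receiving interface,
#    so a packet forged with a trusted source address is discarded at
#    the edge before the control-plane filter sees it.
set interfaces ge-0/0/0 unit 0 family inet rpf-check
```

Because the `other-tcp` term also discards replies to TCP sessions the router itself opens toward hosts outside RE-TRUSTED, committing with `commit confirmed` lets the change roll back automatically if management access is lost.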