===================================================================== CERT-Renater Note d'Information No. 2010/VULN020 _____________________________________________________________________ DATE : 11/01/2010 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : JUNOS. ====================================================================== http://www.publicsafety.gc.ca/prg/em/ccirc/2010/av10-002-eng.aspx ______________________________________________________________________ PUBLIC SAFETY CANADA CANADIAN CYBER INCIDENT RESPONSE CENTRE ***************** ADVISORY ***************** Number: AV10-002 Date: 08 January 2010 ************************************************* JUNOS (Juniper) Flaw Exposes Core Routers to Kernel Crash ************************************************* PURPOSE - --------- The purpose of this advisory is to bring attention to a vulnerability which affects JUNOS (Juniper). ASSESSMENT - ------------- Crafted packets containing malformed TCP header options can be sent by remote attackers which may crash Juniper kernels or cause JUNOS devices to reboot. JUNOS firewalls are unable to filter the malformed data. CCIRC is not aware of any reports indicating that this vulnerability is being exploited, or that exploit code is available in the wild. The vendor does not release vulnerability news publicly, but their advisory and updates are available to Juniper customers. Affected versions include: JUNOS 9.x JUNOS 7.x JUNOS 8.x Devices with JUNOS later than 1/28/09 already have the fix. SUGGESTED ACTION - ---------------- CCIRC recommends that administrators identify affected products, then test and apply patches or workaround as appropriate. References: http://securitytracker.com/alerts/2010/Jan/1023417.html http://praetorianprefect.com/archives/2010/01/junos-juniper-flaw-exposes-core-routers-to-kernal-crash/ http://www.juniper.net/ ================= Note to Readers The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security. For general inquires into the role of Public Safety Canada, please contact the department's Public Affairs division at: Telephone: 613-944-4875 or 1-800-830-3118 Fax: 613-998-9589 E-mail: communications@ps-sp.gc.ca Government Operations Centre/Centre des opérations du gouvernement Email/courriel: GOC-COG@PS-SP.GC.CA Tel.: (613) 991-7000 STE : (613) 949-5773 Fax/Télécopieur: (613) 996-0995 Secure Fax/Télécopieur sécurisé: (613) 991-7094 ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================