[Infowarrior] - Fw: Juniper issues
Richard Forno
rforno at infowarrior.org
Fri Jan 8 02:01:32 UTC 2010
Begin forwarded message:
> From: aj reznor
> Date: January 7, 2010 8:40:02 PM EST
>
> http://ptresearch.blogspot.com/2010/01/juniper-junos-remote-kernel-crash-flaw.html
>
> "Juniper Networks is warning customers of a critical flaw in its
> gateway routers that allows attackers to crash the devices by
> sending them small amounts of easily-spoofed traffic." - The
> Register news.
>
> The JunOS kernel will crash (i.e. core) when a specifically crafted
> TCP option is received on a listening TCP port. The packet cannot
> be filtered with Junos's firewall filter. A router receiving this
> specific TCP packet will crash and reboot.
>
>
> One thing is highlighted are these two parts:
>
> "A Juniper spokeswoman said the bulletin was one of seven
> security advisories the company issued under a policy designed to
> prevent members of the public at large from getting details of the
> vulnerabilities."
>
> "Because of Juniper's 'Entitled Disclosure Policy,' only our
> customers and partners are allowed access to the details of the
> Security Advisory," the spokeswoman wrote.
>
> Based on that the blogged deduced there are only 256 guesses and
> provides POC.
>
> I just found this interesting because:
> - I've not seen this anywhere else today (ok, i do live under a rock
> and may have missed it)
> - The "mum's the word, except for our clients and partners" part,
> followed by the :
> - "We said just enough to make it obvious, oops" factor.
>
> Blog post contains link to original Reg article, which I skipped
> going to
> the source this time around because I found the POC to be more
> intersting than
> the fact that JNPR's pants are around its ankles :)
More information about the Infowarrior
mailing list