[Juniper] Bug


Operator にはインパクトおっきいですよね。

http://d.hatena.ne.jp/snuffie/20050127

一応、最初に知った情報源

# メール本文引用

——

Bugun vulnerability gunu, dunyanin heryerinde kutlayalim

Title Security Vulnerability in JUNOS Software

Products Affected All M-series and T-series routing platforms

Platforms Affected

Security

JUNOS 7.x

JUNOS 5.x

JUNOS 6.x

JUNOS 3.x

JUNOS 4.x

Revision Number 1

Issue Date 2005-01-26

PSN Issue : Juniper Networks has identified a serious security

vulnerability

within our JUNOS Software. This vulnerability could be exploited either by

a

directly-attached neighboring device or by a remote attacker that can

deliver certain packets to the router. Routers running vulnerable JUNOS

software are susceptible regardless of the router’s configuration. It is

not

possible to use firewall filters to protect vulnerable routers. This

vulnerability is specific to Juniper Networks routers running JUNOS

software

releases built prior to January 7, 2005. Routers that do not run JUNOS

software are not susceptible to this vulnerability. Juniper Networks is not

aware of any actual or attempted exploit of this vulnerability.

Solution: JUNOS software has been modified to address this vulnerability.

All versions of JUNOS software built on or after January 22, 2005 contain

the modified code. Software built between January 7 and January 22 may

contain the modified code, depending on the specific JUNOS release.

Solution Implementation: All customers are strongly encouraged to upgrade

their software to a release that contains the modified code. Pointers to

software releases that contain the corrected code can be found in the

Related Links section below. Customers can also contact the Juniper

Networks

Technical Assistance Center for download information.

RelatedLinks

Software Download Links

Attributes

Audience Customer Service

Alert Type Product Support Notification

Risk Level High

Risk Assessment

Both directly-attached and remote attackers can severely disrupt normal

operation of the routing

platform.

Created Date 2005-01-26 05:13:46.0

Last Modified

Date

2005-01-26 05:13:46.0

« Back

[Search Tips]

Page 1 of 1 Juniper Networks, Inc. – JTAC Technical Bulletins View

27-Jan-05

http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2005-01-…

_______________________________________________

juniper-nsp mailing list juniper-nsp@puck.nether.net

http://puck.nether.net/mailman/listinfo/juniper-nsp