Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13513
HistoryJul 13, 2006 - 12:00 a.m.

[SA21003] Juniper Networks JUNOS IPv6 Packet Handling Denial of Service

2006-07-1300:00:00
vulners.com
16

Hardcore Disassembler / Reverse Engineer

Reversing must be a passion as your skills will be challenged
on a daily basis and you will be working several hours
everyday in IDA, Ollydbg, and with BinDiff. Often, it is also
required that you write a PoC or even a working exploit to
prove that an issue is exploitable.

http://secunia.com/hardcore_disassembler_and_reverse_engineer/


TITLE:
Juniper Networks JUNOS IPv6 Packet Handling Denial of Service

SECUNIA ADVISORY ID:
SA21003

VERIFY ADVISORY:
http://secunia.com/advisories/21003/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
>From remote

OPERATING SYSTEM:
JUNOS 6.x
http://secunia.com/product/3418/
JUNOS 7.x
http://secunia.com/product/5158/
JUNOS 8.x
http://secunia.com/product/10974/

DESCRIPTION:
A vulnerability has been reported in the M-series, T-series, and
J-Series routers, which can be exploited by malicious people to cause
a DoS (Denial of Service).

The vulnerability is caused due to an error when freeing memory after
receiving certain IPv6 packets. This can be exploited to cause a
exhaust available memory by sending specially crafted IPv6 packets to
the vulnerable router.

Successful exploitation crashes the router.

The vulnerability has been reported for routers using a version of
the JUNOS Internet Software built before 2006-05-10.

SOLUTION:
Apply an updated version of the JUNOS software.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www.juniper.net/support/security/alerts/IPv6_bug.txt
http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt


About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.