Network World

BGP bug bites Juniper software

Bug lends itself to remote exploitation, could open way for denial-of-service attacks
By Jim Duffy, Network World, 12/18/2007

Juniper Networks has issued a security bulletin warning users of a bug in its JUNOS router software.

The glitch reportedly created problems for service providers last week in processing Border Gateway Protocol (BGP) traffic. It allowed malformed packets to induce "interface flapping," in which the interface of a network device is left going up and down repeatedly, according to British IT blog The Register.

"The behaviour [sic], on a large computer network, might be used to exhaust the memory buffers on devices targeted with malformed IPv6 messages. This, in turn, might lead to lost datagrams and general network chaos," the blog's author, John Leyden, stated on the site.

"The bug lends itself to remote exploitation, making it possible that it might form the basis of denial-of-service attack by hackers against service providers," Leyden wrote. Service-provider experiences with the situation were discussed on the Juniper mailing list at puck.nether.net as well.

The affected JUNOS releases range from 7.3 to 8.4, according to The Register. Upgrading to JUNOS 8.5R1 apparently alleviates the problem, the blog reported.

Juniper confirmed the situation and said it was resolved. It declined to provide Network World with a copy of the security bulletin, citing company policy.

Comments (4)

Juniper did release a
By Anonymous on December 21, 2007, 11:58 am
Juniper did release a Technical Bulletin - PSN-2007-12-008 - to customers. I received it on 12/13/08.

Cisco HA
By Jude on December 20, 2007, 9:57 am
Yeah, every now and then even the best router software has a glitch..... I am sure Cisco will get their own house in order before throwing stones. "Cisco...

Cisco Ha
By Anonymous on December 19, 2007, 5:11 pm
Cisco is gonna love this!

RE: BGP bug bites Juniper software
By Annonymous on December 19, 2007, 9:27 am
So Juniper's official policy is not to release security bulletins? So if I am a customer that has a device that could be affected, I should wait for it to happen...
