Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

IPSec implementation does not properly handle certain very short packets. (PR/27664)

0

0

Article ID: JSA10285 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 3.0
Legacy Advisory Id:
FA-SW-0209-002
Product Affected:
JUNOS Internet software releases 5.2R1.4, 5.2R2.3, 5.2R3.4, 5.2R4.4, 5.3R1.2, 5.3R2.4, 5.3R3.3, and 5.4R1.4
Problem:
In the releases affected, JUNOS IPSec implementation does not ensure that an IPSec packet is long enough to contain the required authentication data. As a result, spoofing very short ESP or AH packets with known source, destination, Security Payload Identifier, and a high sequence number can cause a kernel panic. This problem is documented as PR/27664.
Solution:
The IPSec code was modified to correctly verify that IPSec packets are of sufficient length to include the required authentication data.
Implementation:
Customers should install an updated release of JUNOS software. All releases of JUNOS software built on or after August 23rd, 2002, contain the fix. As a work-around, customers can implement a firewall filter and apply it to the lo0 interface to prevent delivery of IPSec ESP and AH packets. Alternatively, customers can remove all IPSec configuration from the router to avoid the vulnerability.
Severity Level:
High
Severity Assessment:
A remote attacker can cause a kernel panic and deny router service to legitimate users. No direct access to or privileges on the router are required to launch this denial-of-service (DoS) attack.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search