Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

FreeBSD Security Advisory - Remote kernel panics on IPv6 connections (FreeBSD-SA-08:09.icmp6)

0

0

Article ID: JSA10386 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 4.0
Legacy Advisory Id:
PSN-2008-09-003
Product Affected:
No Juniper Networks products are affected by this vulnerability.
Problem:
A recently-published security advisory from FreeBSD.org describes a vulnerability with ICMPv6. Insufficient validation of the ICMPv6 "Packet Too Big" message can result in a subsequent TCP connection crashing the kernel.

The JUNOS Operating system is based on and uses components from FreeBSD.
Solution:
At this time, static analysis of the source code indicates that JUNOS is not exposed or vulnerable to this IPv6 issue. Detailed static analysis has determined that JUNOS's ICMPv6 code implements additional validations, policing, and optimizations beyond those in FreeBSD. JUNOS also implements additional features which can be used to mitigate this attack vector.


Further analysis and testing has been conducted which verified that JUNOS software is not susceptible to this vulnerability.

Implementation:
JUNOS software is currently believed not to be susceptible to this vulnerability. No customer action is indicated at this time.
Severity Level:
Low
Severity Assessment:
JUNOS software is currently believed not to be susceptible to this vulnerability.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search