Line card may reset on receiving a crafted BFD Control packet

Article ID: JSA10409 (Security Advisories), Last Updated: 09 May 2013, Version: 2.0
Legacy Advisory Id:
PSN-2009-09-513
Product Affected:
ERX 310/700/705/1410/1440, E320
Problem:
When an E-series router running an affected release of JUNOSe receives a crafted BFD Control packet, the line card may reset. Note that BFD does not need to be enabled to hit this defect: running BGP and/or RSVP is sufficient for a line card to be vulnerable. Please refer to the attached PDF for additional details.

This issue was found internally during testing. There are no confirmed reports of this issue being triggered by a deliberate attack on the router from an external source.

This issue is tracked internally as CQ 89062.
Solution:
The following JUNOSe software releases (used on E-series routers) contain modified code to handle illegal values in BFD Control packets: 10.1.0, 10.0.1, 10.2.0, 9.3.1, 10.0.0p0-2, 9.2.2, 9.1.2p0-2, 9.0.2p0-3, 9.0.3, 9.0.1p0-7-5.

All follow-on releases of JUNOSe are unaffected by this vulnerability. No other Juniper products are affected by this vulnerability.
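The advisory does not say which field values trigger the reset, so the following is an added illustration, not Juniper's code: a receive-side validator that applies the reception checks of RFC 5880 section 6.8.6 to a BFD Control packet before any field is used. The function name, verdict names and sample bytes are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum bfd_verdict { BFD_OK, BFD_SHORT, BFD_BAD_VERSION, BFD_BAD_LENGTH,
                   BFD_ZERO_MULT, BFD_MULTIPOINT, BFD_ZERO_MY_DISC,
                   BFD_ZERO_YOUR_DISC };

/* Read a 32-bit big-endian (network order) value. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* RFC 5880 section 6.8.6 reception checks on a UDP payload of n bytes.
 * Anything other than BFD_OK means the packet must be discarded. */
enum bfd_verdict bfd_validate(const uint8_t *pkt, size_t n) {
    if (pkt == NULL || n < 24) return BFD_SHORT; /* mandatory section is 24 bytes */
    uint8_t version = pkt[0] >> 5;               /* top 3 bits of byte 0 */
    uint8_t state = pkt[1] >> 6;                 /* 0 AdminDown, 1 Down, 2 Init, 3 Up */
    int auth = pkt[1] & 0x04, multipoint = pkt[1] & 0x01;
    uint8_t detect_mult = pkt[2], length = pkt[3];
    if (version != 1) return BFD_BAD_VERSION;
    /* Length must cover the header (plus auth header if A is set) and
     * must not claim more bytes than the datagram actually carried. */
    if (length < (auth ? 26 : 24) || length > n) return BFD_BAD_LENGTH;
    if (detect_mult == 0) return BFD_ZERO_MULT;
    if (multipoint) return BFD_MULTIPOINT;
    if (be32(pkt + 4) == 0) return BFD_ZERO_MY_DISC;
    /* Your Discriminator may be zero only in state Down or AdminDown. */
    if (be32(pkt + 8) == 0 && state > 1) return BFD_ZERO_YOUR_DISC;
    return BFD_OK;
}

/* Constructed sample: version 1, state Down, Detect Mult 3, Length 24. */
static const uint8_t sample_ok[24] = {
    0x20, 0x40, 0x03, 0x18, 0x00, 0x00, 0x00, 0x01, 0, 0, 0, 0,
    0x00, 0x0f, 0x42, 0x40, 0x00, 0x0f, 0x42, 0x40, 0, 0, 0, 0 };

int main(void) {
    uint8_t bad[24];
    for (size_t i = 0; i < sizeof bad; i++) bad[i] = sample_ok[i];
    bad[3] = 0xff; /* constructed: Length claims more than was received */
    printf("ok=%d bad=%d\n", (int)bfd_validate(sample_ok, 24),
           (int)bfd_validate(bad, 24));
    return 0;
}
```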
Severity Level:
Low
Severity Assessment:
There are no confirmed reports of this issue being triggered by a deliberate attack on the router from an external source.
