JUNOS (Juniper) Flaw Exposes Core Routers to Kernel Crash


"A report has been received from Juniper at 4:25pm under bulletin
PSN-2010-01-623 that a crafted malformed TCP field option in the TCP
header of a packet will cause the JUNOS kernel to core (crash). In other
words the kernel on the network device (gateway router) will crash and
reboot if a packet containing this crafted option is received on a
listening TCP port. The JUNOS firewall filter is unable to filter a TCP
packet with this issue. Juniper claims this issue as exploit was
identified during investigation of a vendor interoperability issue."

From various mailing lists, I know that many places are scrambling to
update their routers. Qwest performed an unscheduled, un-notified
outage to resolve the issue from their end.

Juniper routers should be upgraded ASAP to avoid possible exploitation.