Data centers

03:30 AM
Connect Directly
RSS
E-Mail
50%
50%

Security Bugs Bite Juniper, Cisco

A Junos vulnerability forces emergency carrier upgrades; Cisco finds three more IOS glitches

A vulnerability in Juniper Networks Inc. (Nasdaq: JNPR) router software had carriers scrambling to upgrade their networks early this week.

Juniper did not publicly disclose the flaw but did alert customers and posted a warning with the CERT Coordination Center (CERT/CC) at http://www.kb.cert.org/vuls/id/409555. Details of the bug are available on Juniper's Website, but only for the eyes of partners and customers.

Juniper is not commenting, "except to say that we have confirmed a security vulnerability in Junos and [that] a fix is available to our customers," a spokeswoman says.

The bug, discovered by the Qwest Communications International Inc. (NYSE: Q) software certification team, appears to affect all of Juniper's M- and T-series routers. Certain types of packets sent under certain conditions can cause a "severe operational disruption" that can be exploited to create a denial-of-service (DOS) attack, according to the CERT/CC warning. All versions of Junos software built before Jan. 7, 2005, are affected.

Juniper apparently issued a patch to cover the glitch, and reports on the North American Network Operators' Group (NANOG) mailing list said Tier 1 carriers were frantically upgrading their routers last weekend. A BellSouth Corp. (NYSE: BLS) spokesman noted that his company upgraded routers on its internal network and core network but added that no customers were affected by the glitch.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Research: 2014 State of the Data Center
Research: 2014 State of the Data Center
Our latest survey shows growing demand, fixed budgets, and good reason why resellers and vendors must fight to remain relevant. One thing's for sure: The data center is poised for a wild ride, and no one wants to be left behind.
Video
Twitter Feed