Data centers

03:30 AM
Connect Directly
RSS
E-Mail
50%
50%

Security Bugs Bite Juniper, Cisco

A Junos vulnerability forces emergency carrier upgrades; Cisco finds three more IOS glitches

A vulnerability in Juniper Networks Inc. (Nasdaq: JNPR) router software had carriers scrambling to upgrade their networks early this week.

Juniper did not publicly disclose the flaw but did alert customers and posted a warning with the CERT Coordination Center (CERT/CC) at http://www.kb.cert.org/vuls/id/409555. Details of the bug are available on Juniper's Website, but only for the eyes of partners and customers.

Juniper is not commenting, "except to say that we have confirmed a security vulnerability in Junos and [that] a fix is available to our customers," a spokeswoman says.

The bug, discovered by the Qwest Communications International Inc. (NYSE: Q) software certification team, appears to affect all of Juniper's M- and T-series routers. Certain types of packets sent under certain conditions can cause a "severe operational disruption" that can be exploited to create a denial-of-service (DOS) attack, according to the CERT/CC warning. All versions of Junos software built before Jan. 7, 2005, are affected.

Juniper apparently issued a patch to cover the glitch, and reports on the North American Network Operators' Group (NANOG) mailing list said Tier 1 carriers were frantically upgrading their routers last weekend. A BellSouth Corp. (NYSE: BLS) spokesman noted that his company upgraded routers on its internal network and core network but added that no customers were affected by the glitch.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Cartoon
Hot Topics
7
VMware NSX Banks On Security
Marcia Savage, Managing Editor, Network Computing,  8/28/2014
5
How To Survive In Networking
Susan Fogarty, Editor in Chief,  8/28/2014
4
Real-World SDN, Lesson 2: Conquer The Enemy Within
Symon Perriman, Senior Technical Evangelist, Microsoft,  8/25/2014
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed