Juniper Fixing IPv6 Vulnerability

Thursday, August 11, 2016 @ 04:08 PM gHale


Juniper Networks mitigated a vulnerability in its JUNOSe software that focused on the processing of IPv6 packets that affects several vendors.

The vulnerability can cause a denial-of-service (DoS) condition by sending specially crafted IPv6 Neighbor Discovery (ND) packets to affected devices.

RELATED STORIES
Juniper Issues Patches for Junos OS
Cisco Fixes Critical Flaws in Routers
Cisco Mitigates Vulnerabilities
Cisco Fixes Network Analysis Modules

Cisco found the vulnerability in May during the resolution of a support case. The company said the problem was not specific to Cisco products and it had caused disruptions for some of its customers.

After investigating the problem, Juniper Networks informed customers the vulnerability, tracked as CVE-2016-1409, affects its Junos and JUNOSe routers.

Juniper this week released hotfixes for JUNOSe FC3 (LM10a, LM10U, LM10ADV) and FC2 (LM4) products.

Until patches become available for all affected routers, the vendor released mitigations that should limit the attack surface.

Cisco, which has not yet released patches for this high severity issue, said its IOS XR, IOS, IOS XE, NX-OS, ASA, and StarOS software suffer from the issue.

The company has pointed out the vulnerability can only end up exploited if IPv6 is enabled, but the feature is disabled by default in most products.