BGP bug bites Juniper software

Bug lends itself to remote exploitation, could open way for denial-of-service attacks
  • Jim Duffy (Network World)
  • 19 December, 2007 08:09

Juniper Networks has issued a security bulletin warning users of a bug in its JUNOS router software.

The glitch reportedly created problems for service providers last week in processing Border Gateway Protocol (BGP) traffic. It allowed malformed packets to induce "interface flapping," in which the interface of a network device is left going up and down repeatedly, according to British IT blog The Register.

"The behaviour [sic], on a large computer network, might be used to exhaust the memory buffers on devices targeted with malformed IPv6 messages. This, in turn, might lead to lost datagrams and general network chaos," the blog's author, John Leyden, stated on the site.

"The bug lends itself to remote exploitation, making it possible that it might form the basis of denial-of-service attack by hackers against service providers," Leyden wrote. Service-provider experiences with the situation were also discussed on the Juniper mailing list.

The affected JUNOS releases range from 7.3 to 8.4, according to The Register. Upgrading to JUNOS 8.5R1 apparently alleviates the problem, the blog reported.

Juniper confirmed the situation and said it was resolved. It declined to provide Network World with a copy of the security bulletin, citing company policy.