ID

VAR-200607-0225


CVE

CVE-2006-3529


TITLE

Juniper JUNOS IPv6 denial-of-service vulnerability

Trust: 0.8

sources: CERT/CC: VU#294036

DESCRIPTION

Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed. Juniper JUNOS is the router operating system provided by Juniper Networks. As a result, a remote third party could interfere with service operation (a DoS attack). JUNOS is prone to a remote denial-of-service vulnerability. This issue arises when the application consistently handles specially crafted IPv6 packets. All versions of JUNOS Internet Software built prior to May 10, 2006 running on M-series, T-series, and J-series routers are vulnerable. The operating system provides a secure programming interface and Junos SDK. JUNOS contains a vulnerability in the processing of specific malformed IPv6 packets. Remote attackers may use this vulnerability to perform denial-of-service attacks on routers.

----------------------------------------------------------------------

TITLE: Juniper Networks JUNOS IPv6 Packet Handling Denial of Service

SECUNIA ADVISORY ID: SA21003

VERIFY ADVISORY: http://secunia.com/advisories/21003/

CRITICAL: Moderately critical

IMPACT: DoS

WHERE: From remote

OPERATING SYSTEM:
JUNOS 6.x http://secunia.com/product/3418/
JUNOS 7.x http://secunia.com/product/5158/
JUNOS 8.x http://secunia.com/product/10974/

DESCRIPTION: A vulnerability has been reported in the M-series, T-series, and J-Series routers, which can be exploited by malicious people to cause a DoS (Denial of Service). Successful exploitation crashes the router.

SOLUTION: Apply an updated version of the JUNOS software.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY:
http://www.juniper.net/support/security/alerts/IPv6_bug.txt
http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt

----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2006-3529 // CERT/CC: VU#294036 // JVNDB: JVNDB-2006-000912 // BID: 18930 // VULHUB: VHN-19637 // PACKETSTORM: 48141

AFFECTED PRODUCTS

vendor: juniper, model: junos, scope: eq, version: 6.4

Trust: 1.9

vendor: juniper, model: junos, scope: eq, version: 6.6

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 7.3

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 6.5

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 7.6

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 7.8

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 7.5

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 7.4

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 7.7

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 7.2

Trust: 1.6

vendor: juniper, model: junos, scope: eq, version: 8.0

Trust: 1.3

vendor: juniper, model: junos, scope: eq, version: 6.7

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 6.9

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 7.9

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 7.0

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 7.1

Trust: 1.0

vendor: juniper, model: junos, scope: eq, version: 6.8

Trust: 1.0

vendor: juniper, model: -, scope: -, version: -

Trust: 0.8

vendor: juniper, model: junos os, scope: eq, version: 6.4 to 8.0

Trust: 0.8

vendor: juniper, model: junos, scope: eq, version: 6.3

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 6.2

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 6.1

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.7

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.6

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.5

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.4

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.3

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.2

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.1

Trust: 0.3

vendor: juniper, model: junos, scope: eq, version: 5.0

Trust: 0.3

sources: CERT/CC: VU#294036 // BID: 18930 // JVNDB: JVNDB-2006-000912 // CNNVD: CNNVD-200607-135 // NVD: CVE-2006-3529

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-3529
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#294036
value: 11.23

Trust: 0.8

NVD: CVE-2006-3529
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200607-135
value: MEDIUM

Trust: 0.6

VULHUB: VHN-19637
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-3529
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-19637
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#294036 // VULHUB: VHN-19637 // JVNDB: JVNDB-2006-000912 // CNNVD: CNNVD-200607-135 // NVD: CVE-2006-3529

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-3529

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200607-135

TYPE

Design Error

Trust: 0.9

sources: BID: 18930 // CNNVD: CNNVD-200607-135

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-000912

PATCH

title: Customer Support Center, url: http://www.juniper.net/customers/support/

Trust: 0.8

title: EXT-PSN-2006-06-017, url: http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt

Trust: 0.8

sources: JVNDB: JVNDB-2006-000912

EXTERNAL IDS

db: CERT/CC, id: VU#294036

Trust: 3.3

db: BID, id: 18930

Trust: 2.8

db: SECUNIA, id: 21003

Trust: 2.6

db: OSVDB, id: 27132

Trust: 2.5

db: SECTRACK, id: 1016460

Trust: 2.5

db: NVD, id: CVE-2006-3529

Trust: 2.5

db: VUPEN, id: ADV-2006-2742

Trust: 1.7

db: XF, id: 27654

Trust: 1.4

db: JVNDB, id: JVNDB-2006-000912

Trust: 0.8

db: CNNVD, id: CNNVD-200607-135

Trust: 0.7

db: XF, id: 6

Trust: 0.6

db: VULHUB, id: VHN-19637

Trust: 0.1

db: PACKETSTORM, id: 48141

Trust: 0.1

sources: CERT/CC: VU#294036 // VULHUB: VHN-19637 // BID: 18930 // JVNDB: JVNDB-2006-000912 // PACKETSTORM: 48141 // CNNVD: CNNVD-200607-135 // NVD: CVE-2006-3529

REFERENCES

url:http://www.juniper.net/support/security/alerts/ext-psn-2006-06-017.txt

Trust: 2.9

url:http://www.juniper.net/support/security/alerts/ipv6_bug.txt

Trust: 2.6

url:http://www.securityfocus.com/bid/18930

Trust: 2.5

url:http://www.kb.cert.org/vuls/id/294036

Trust: 2.5

url:http://www.osvdb.org/27132

Trust: 2.5

url:http://securitytracker.com/id?1016460

Trust: 2.5

url:http://secunia.com/advisories/21003

Trust: 2.5

url:http://www.frsirt.com/english/advisories/2006/2742

Trust: 1.4

url:http://xforce.iss.net/xforce/xfdb/27654

Trust: 1.4

url:http://www.vupen.com/english/advisories/2006/2742

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/27654

Trust: 1.1

url:https://www.juniper.net/alerts/viewalert.jsp?txtalertnumber=psn-2006-06-017

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3529

Trust: 0.8

url:http://jvn.jp/cert/jvnvu294036/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3529

Trust: 0.8

url:http://www.juniper.net/

Trust: 0.3

url:http://secunia.com/product/5158/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/10974/

Trust: 0.1

url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/product/3418/

Trust: 0.1

url:http://secunia.com/advisories/21003/

Trust: 0.1

sources: CERT/CC: VU#294036 // VULHUB: VHN-19637 // BID: 18930 // JVNDB: JVNDB-2006-000912 // PACKETSTORM: 48141 // CNNVD: CNNVD-200607-135 // NVD: CVE-2006-3529

CREDITS

Juniper Networks

Trust: 0.6

sources: CNNVD: CNNVD-200607-135

SOURCES

db: CERT/CC, id: VU#294036
db: VULHUB, id: VHN-19637
db: BID, id: 18930
db: JVNDB, id: JVNDB-2006-000912
db: PACKETSTORM, id: 48141
db: CNNVD, id: CNNVD-200607-135
db: NVD, id: CVE-2006-3529

LAST UPDATE DATE

2024-08-14T12:43:50.072000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#294036, date: 2006-07-17T00:00:00
db: VULHUB, id: VHN-19637, date: 2017-07-20T00:00:00
db: BID, id: 18930, date: 2006-07-12T22:08:00
db: JVNDB, id: JVNDB-2006-000912, date: 2008-11-21T00:00:00
db: CNNVD, id: CNNVD-200607-135, date: 2006-09-20T00:00:00
db: NVD, id: CVE-2006-3529, date: 2017-07-20T01:32:22.460

SOURCES RELEASE DATE

db: CERT/CC, id: VU#294036, date: 2006-07-11T00:00:00
db: VULHUB, id: VHN-19637, date: 2006-07-12T00:00:00
db: BID, id: 18930, date: 2006-07-10T00:00:00
db: JVNDB, id: JVNDB-2006-000912, date: 2008-11-21T00:00:00
db: PACKETSTORM, id: 48141, date: 2006-07-12T07:20:23
db: CNNVD, id: CNNVD-200607-135, date: 2006-07-11T00:00:00
db: NVD, id: CVE-2006-3529, date: 2006-07-12T00:05:00