
Juniper Networks Flaw

Late last week a story came out about Juniper Networks routers being susceptible to a remote reboot. Versions of JUNOS and JUNOSe prior to 10.X can be crashed by sending a single packet to an open port on the router. The reboot occurs when the TCP header Options field of that packet contains malformed data. This is a relatively important flaw, as Juniper routers are often installed as core routers on both enterprise and ISP networks.

This serves as a good reminder to ensure your network infrastructure systems (routers, switches, firewalls, etc.) are up-to-date. During assessments we often find that unpatched network devices, along with misconfigured systems, are common. Patching network infrastructure systems should be part of an organization’s patch management procedure.

More information about the exploit can be found here and here.
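
What "malformed" means structurally for the TCP header Options field mentioned above, as an added example that is not from the original post or from Juniper: a checker that walks the kind/length encoding of the options in a captured TCP header and reports inconsistencies. It covers general option well-formedness, not the specific trigger of this flaw (which the post does not describe); `check_tcp_options`, `sample_header` and the sample bytes are constructed for illustration.

```python
import struct

# Exact total length (kind + length + data) of common fixed-size options:
# MSS=2, window scale=3, SACK-permitted=4, timestamps=8.
FIXED_LEN = {2: 4, 3: 3, 4: 2, 8: 10}

def check_tcp_options(tcp_header: bytes) -> list:
    """Return structural problems in the TCP options area; [] means well-formed."""
    if len(tcp_header) < 20:
        return ["header shorter than 20 bytes"]
    hdr_len = (tcp_header[12] >> 4) * 4          # data offset, in bytes
    if hdr_len < 20 or hdr_len > len(tcp_header):
        return [f"data offset {hdr_len} outside 20..{len(tcp_header)}"]
    opts, problems, i = tcp_header[20:hdr_len], [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                            # End of Option List
            break
        if kind == 1:                            # No-Operation, single byte
            i += 1
            continue
        if i + 1 >= len(opts):
            problems.append(f"kind {kind} at {i}: missing length byte")
            break
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            problems.append(f"kind {kind} at {i}: bad length {length}")
            break                                # cannot resynchronise past this
        if FIXED_LEN.get(kind, length) != length:
            problems.append(f"kind {kind} at {i}: length {length}, expected {FIXED_LEN[kind]}")
        i += length
    return problems

def sample_header(options: bytes) -> bytes:
    """Constructed test input: 20-byte TCP header plus options padded to 4 bytes."""
    options += b"\x00" * (-len(options) % 4)
    words = (20 + len(options)) // 4
    return struct.pack("!HHIIBBHHH", 1024, 1025, 0, 0, words << 4, 0x02, 65535, 0, 0) + options

if __name__ == "__main__":
    samples = {                                  # constructed option bytes
        "mss+nop+wscale": bytes([2, 4, 5, 0xB4, 1, 3, 3, 7]),
        "zero length": bytes([2, 0, 0, 0]),
        "length overruns header": bytes([8, 10, 0, 0]),
    }
    for name, opt in samples.items():
        print(name, "->", check_tcp_options(sample_header(opt)) or "ok")
```

A check like this is useful in a capture-analysis or IDS preprocessing step, where a non-empty result marks a segment worth logging or dropping before it reaches a device that has not yet been patched.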

Comments

Comment from Bryan
Time: January 15, 2010, 3:30 pm

This incident appears to further validate topics described in “Feb 09 – Security assessment of the Transmission Control Protocol (TCP)”.

In addition to patching, is it time to accept the additional complexity of network architectures using paired firewalls from different manufacturers?
