IPv6 router bug: Juniper spins out hotfix to thwart DDoS attacks

Juniper Networks has found and mostly patched a flaw in the way the firmware on its routers process IPv6 traffic, which allowed malicious users to simulate Direct Denial of Service attacks.

The vulnerability, which seems to be common to all devices processing IPv6 address, meant that purposely crafted neighbour discovery packets could be used to flood the routing engine from a remote or unauthenticated source, causing it to stop processing legitimate traffic, and leading to a DDoS condition.

According to Juniper's advisory report:

Read 5 remaining paragraphs | Comments