Junos TCP Packet Processing Denial of Service Vulnerability

DoS in TCP packet processing
An attacker who can guess an in-window sequence number, source and destination address and port numbers can exploit this vulnerability to reset any established TCP session.
New builds of Junos OS software are available from Juniper. As a workaround enable TCP authentication, enable IPSec, enable the system to send ACKs for in-window RSTs and SYN packets, enable a stateful firewall to block SYN packets on existing sessions.
For an established TCP session, TCP input validation only ensures that sequence numbers are within the acceptable window prior to examining whether the SYN flag is set on the segment. If the SYN flag is set, the TCP stack drops the session and sends a RST segment to the other side. This issue only affects TCP sessions terminating on the router. Transit traffic and TCP Proxy services are unaffected by this vulnerability.
Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2, 13.3
Check the OS build.

Updated on 2015-03-25