A vulnerability has been discovered in Juniper JUNOS, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to a memory leak within the IPv6
Packet Forwarding Engine (PFE) when processing certain IPv6 packets.
This can be exploited by sending multiple specially crafted IPv6
packets to a vulnerable network device.
Successful exploitation consumes all available memory and causes a
vulnerable network device to reboot.
The vulnerability affects all Juniper routers running JUNOS with a
PFE released after February 24, 2004.
A solution is available at:
Disable IPv6 support in the PFE.
Internet Explorer Frame Injection Vulnerability
Microsoft Internet Explorer 6
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.01
http-equiv has discovered a 6 year old vulnerability in Microsoft
Internet Explorer, allowing malicious people to spoof the content of
The problem is that Internet Explorer fails to stop a malicious
website from loading arbitrary content in an arbitrary frame in
another browser window. An example has been posted, which shows
arbitrary content in a frame on windowsupdate.microsoft.com.
Successful exploitation allows a malicious site to load arbitrary
content, which appears to originate from a trusted site.
This vulnerability is similar to an old vulnerability fixed by
MS98-020 in Internet Explorer version 3 and 4.
The vulnerability has been confirmed in a fully patched Internet
Explorer 6 running on Microsoft Windows XP. Other versions of
Internet Explorer may also be affected.
Do not visit or follow links from untrusted websites.
Use another browser.
PROVIDED AND/OR DISCOVERED BY: