Cisco IOS BGP packet denial of service
cisco-ios-bgp-packet-dos (16427)
Description:
Cisco devices are vulnerable to a denial of service attack. If the Border Gateway Protocol (BGP) is enabled, which is not the default setting, a remote attacker could send the vulnerable device a malformed BGP packet that appears to be from an authorized source, causing the device to reload. This vulnerability affects multiple versions of Cisco IOS firmware: 11.1, 11.2, 11.3, 12.0, 12.1 and 12.2.
Consequences:
Denial of Service
Remedy:
Apply the appropriate patch for your system, as listed in Cisco Security Advisory June 16 15:00 UTC. See References.
References:
- CIAC Information Bulletin O-163: Cisco IOS Malformed BGP Packet Causes Reload.
- Cisco Security Advisory June 16 15:00 UTC: Cisco IOS Malformed BGP packet causes reload.
- BID-10560: Cisco IOS Border Gateway Protocol Denial Of Service Vulnerability
- CVE-2004-0589: Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
- US-CERT VU#784540: BGP implementations do not adequately handle malformed BGP OPEN and UPDATE messages
Platforms Affected:
- Cisco IOS 11.1
- Cisco IOS 11.2
- Cisco IOS 11.3
- Cisco IOS 12.0
- Cisco IOS 12.1
- Cisco IOS 12.2
Reported:
Jun 16, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
