ISS X-Force Database: cisco-ios-bgp-packetdos(19074): Cisco IOS BGP packet denial of service and gain full control

Cisco IOS BGP packet denial of service and gain full control

cisco-ios-bgp-packetdos (19074)

High Risk

Description:

Cisco devices running vulnerable Cisco Internetworking Operating System Software (IOS) could allow a remote attacker to execute arbitrary code, or cause a denial of service attack. By default, the Border Gateway Protocol (BGP) is not enabled. If the device is configured with the BGP log-neighbor-changes command, a remote attacker could send a specially-crafted BGP packet, that appears to be from a trusted source, which would allow the attacker to gain full control of the affected router, or cause the device to reload.

Platforms Affected:

Cisco, IOS 12.0
Cisco, IOS 12.0DA
Cisco, IOS 12.0DB
Cisco, IOS 12.0DC
Cisco, IOS 12.0S
Cisco, IOS 12.0SC
Cisco, IOS 12.0SP
Cisco, IOS 12.0ST
Cisco, IOS 12.0SX
Cisco, IOS 12.0SY
Cisco, IOS 12.0SZ
Cisco, IOS 12.0W5
Cisco, IOS 12.0WC
Cisco, IOS 12.0WT
Cisco, IOS 12.0WX
Cisco, IOS 12.0XA
Cisco, IOS 12.0XB
Cisco, IOS 12.0XC
Cisco, IOS 12.0XD
Cisco, IOS 12.0XE
Cisco, IOS 12.0XF
Cisco, IOS 12.0XG
Cisco, IOS 12.0XH
Cisco, IOS 12.0XI
Cisco, IOS 12.0XJ
Cisco, IOS 12.0XK
Cisco, IOS 12.0XL
Cisco, IOS 12.0XM
Cisco, IOS 12.0XN
Cisco, IOS 12.0XP
Cisco, IOS 12.0XQ
Cisco, IOS 12.0XR
Cisco, IOS 12.0XS
Cisco, IOS 12.0XT
Cisco, IOS 12.0XU
Cisco, IOS 12.0XV
Cisco, IOS 12.1
Cisco, IOS 12.1AA
Cisco, IOS 12.1AX
Cisco, IOS 12.1AY
Cisco, IOS 12.1AZ
Cisco, IOS 12.1DA
Cisco, IOS 12.1DB
Cisco, IOS 12.1DC
Cisco, IOS 12.1E
Cisco, IOS 12.1EA
Cisco, IOS 12.1EC
Cisco, IOS 12.1EO
Cisco, IOS 12.1EV
Cisco, IOS 12.1EW
Cisco, IOS 12.1EX
Cisco, IOS 12.1EY
Cisco, IOS 12.1T
Cisco, IOS 12.1XA
Cisco, IOS 12.1XB
Cisco, IOS 12.1XC
Cisco, IOS 12.1XD
Cisco, IOS 12.1XE
Cisco, IOS 12.1XF
Cisco, IOS 12.1XG
Cisco, IOS 12.1XH
Cisco, IOS 12.1XI
Cisco, IOS 12.1XJ
Cisco, IOS 12.1XL
Cisco, IOS 12.1XM
Cisco, IOS 12.1XP
Cisco, IOS 12.1XQ
Cisco, IOS 12.1XR
Cisco, IOS 12.1XT
Cisco, IOS 12.1XU
Cisco, IOS 12.1XV
Cisco, IOS 12.1YA
Cisco, IOS 12.1YB
Cisco, IOS 12.1YF
Cisco, IOS 12.1YH
Cisco, IOS 12.1YI
Cisco, IOS 12.1YJ
Cisco, IOS 12.2
Cisco, IOS 12.2B
Cisco, IOS 12.2BC
Cisco, IOS 12.2BW
Cisco, IOS 12.2BX
Cisco, IOS 12.2BY
Cisco, IOS 12.2BZ
Cisco, IOS 12.2CZ
Cisco, IOS 12.2DA
Cisco, IOS 12.2DD
Cisco, IOS 12.2DX
Cisco, IOS 12.2EW
Cisco, IOS 12.2JK
Cisco, IOS 12.2MB
Cisco, IOS 12.2MC
Cisco, IOS 12.2MX
Cisco, IOS 12.2S
Cisco, IOS 12.2SE
Cisco, IOS 12.2SU
Cisco, IOS 12.2SW
Cisco, IOS 12.2SX
Cisco, IOS 12.2SXA
Cisco, IOS 12.2SXB
Cisco, IOS 12.2SXD
Cisco, IOS 12.2SY
Cisco, IOS 12.2SZ
Cisco, IOS 12.2T
Cisco, IOS 12.2X
Cisco, IOS 12.2XA
Cisco, IOS 12.2XB
Cisco, IOS 12.2XC
Cisco, IOS 12.2XD
Cisco, IOS 12.2XE
Cisco, IOS 12.2XF
Cisco, IOS 12.2XG
Cisco, IOS 12.2XH
Cisco, IOS 12.2XI
Cisco, IOS 12.2XJ
Cisco, IOS 12.2XK
Cisco, IOS 12.2XL
Cisco, IOS 12.2XM
Cisco, IOS 12.2XN
Cisco, IOS 12.2XQ
Cisco, IOS 12.2XS
Cisco, IOS 12.2XT
Cisco, IOS 12.2XU
Cisco, IOS 12.2XW
Cisco, IOS 12.2XZ
Cisco, IOS 12.2YA
Cisco, IOS 12.2YB
Cisco, IOS 12.2YC
Cisco, IOS 12.2YE
Cisco, IOS 12.2YF
Cisco, IOS 12.2YG
Cisco, IOS 12.2YH
Cisco, IOS 12.2YJ
Cisco, IOS 12.2YK
Cisco, IOS 12.2YL
Cisco, IOS 12.2YM
Cisco, IOS 12.2YN
Cisco, IOS 12.2YO
Cisco, IOS 12.2YP
Cisco, IOS 12.2YQ
Cisco, IOS 12.2YR
Cisco, IOS 12.2YS
Cisco, IOS 12.2YT
Cisco, IOS 12.2YU
Cisco, IOS 12.2YV
Cisco, IOS 12.2YW
Cisco, IOS 12.2YX
Cisco, IOS 12.2YY
Cisco, IOS 12.2YZ
Cisco, IOS 12.2ZA
Cisco, IOS 12.2ZB
Cisco, IOS 12.2ZC
Cisco, IOS 12.2ZD
Cisco, IOS 12.2ZE
Cisco, IOS 12.2ZF
Cisco, IOS 12.2ZG
Cisco, IOS 12.2ZH
Cisco, IOS 12.2ZI
Cisco, IOS 12.2ZJ
Cisco, IOS 12.2ZK
Cisco, IOS 12.2ZL
Cisco, IOS 12.2ZM
Cisco, IOS 12.2ZN
Cisco, IOS 12.2ZO
Cisco, IOS 12.2ZP
Cisco, IOS 12.3
Cisco, IOS 12.3B
Cisco, IOS 12.3BW
Cisco, IOS 12.3T
Cisco, IOS 12.3XA
Cisco, IOS 12.3XB
Cisco, IOS 12.3XC
Cisco, IOS 12.3XD
Cisco, IOS 12.3XE
Cisco, IOS 12.3XF
Cisco, IOS 12.3XG
Cisco, IOS 12.3XH
Cisco, IOS 12.3XI
Cisco, IOS 12.3XJ
Cisco, IOS 12.3XK
Cisco, IOS 12.3XL
Cisco, IOS 12.3XN
Cisco, IOS 12.3XQ
Cisco, IOS 12.3XR
Cisco, IOS 12.3XS
Cisco, IOS 12.3XU
Cisco, IOS 12.3XV
Cisco, IOS 12.3XX
Cisco, IOS 12.3YA
Cisco, IOS 12.3YC
Cisco, IOS 12.3YD
Cisco, IOS 12.3YE
Cisco, IOS 12.3YF
Cisco, IOS 12.3YH
Cisco, IOS 12.3YJ
Cisco, IOS 12.3YL

Remedy:

Upgrade to the latest fixed Cisco IOS version, as listed in Cisco Security Advisory 2005 January 26 1600 UTC (GMT). See References.

Consequences:

Denial of Service

References:

Cisco Security Advisory 2005 January 26 1600 UTC (GMT), Cisco IOS Misformed BGP Packet Causes Reload at http://www.cisco.com/en/US/products/products_security_advisory09186a00803be7d9.shtml.
Internet Security Systems Protection Alert, January 27, 2005, Multiple Vulnerabilities in Cisco IOS at http://xforce.iss.net/xforce/alerts/id/185.
BID-12370: Cisco IOS Border Gateway Protocol Processing Remote Denial Of Service Vulnerability
CVE-2005-0196: Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.
SA14034: Cisco IOS BGP Protocol Processing Denial of Service
SECTRACK ID: 1013013: Cisco IOS BGP log-neighbor-changes Processing Error Lets Remote Users Deny Service
US-CERT VU#689326: Cisco IOS vulnerable to DoS via malformed BGP packet

Reported:

Jan 26, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page