| VID |
29123 |
| Severity |
40 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco IOS, according to its version number, has a denial of service vulnerability by a crafted BGP packet (CISCO bug ID CSCee67450). The Border Gateway Protocol (BGP) is a routing protocol defined by RFC 1771, and designed to manage IP routing in large networks. CISCO IOS versions 9.x, 10.x, 11.x, 12.x and XR could allow a remote attacker to execute arbitrary code, or cause a denial of service when dealing with malformed BGP packets when the option "bgp log-neighbor-changes" is enabled. Although this option is not enabled by default, it is common for service providers to enable this option manually to diagnose network problems. In order to exploit this vulnerability, an attacker would need to compromise a known BGP peer or insert traffic into an established stream. A remote attacker could exploit this vulnerability to gain full control of the affected device or to cause the device to reload.
* Note: This check solely relied on the version number of the remote system to assess these vulnerabilities, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor. And also, if BGP is disabled, please ignore this alert.
* References:
http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml
http://xforce.iss.net/xforce/alerts/id/185
http://www.kb.cert.org/vuls/id/689326
http://www.us-cert.gov/cas/techalerts/TA05-026A.html
http://securitytracker.com/alerts/2005/Jan/1013013.html
http://www.cisco.com/en/US/products/products_security_advisory09186a00803be7d9.shtml
* Platforms Affected:
Cisco IOS versions 9.x, 10.x, 11.x, 12.x and XR |
| Recommendation |
Upgrade to the fixed Cisco IOS version, as listed in "Software Versions and Fixes" of Cisco Security Advisory (Cisco IOS Misformed BGP Packet Causes Reload) at http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml
Upgrades should be obtained through the Software Center on Cisco's worldwide web site at http://www.cisco.com |
| Related URL |
CVE-2005-0196 (CVE) |
| Related URL |
12370 (SecurityFocus) |
| Related URL |
19074 (ISS) |
|
