-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Cisco IOS XR Software Border Gateway Protocol Vulnerabilities
http://www.cert-in.org.in/vulnerability/civn-2009-106.htm
Original Issue Date: August 31, 2009
Severity Rating: High
System Affected
Cisco IOS XR Software versions 3.4.0 and later
Cisco IOS XR Software versions 3.2.0 and later
(The two ranges apply to different vulnerabilities listed below; the Cisco
Security Advisory gives the per-vulnerability mapping and the first fixed
release for each.)
Overview
Multiple vulnerabilities have been reported in Cisco IOS XR Software that
could allow a remote attacker to cause a denial-of-service (DoS) condition by
resetting BGP peering sessions or crashing the BGP process.
Description
1. Invalid BGP Update Remote Denial of Service Vulnerability
(CVE-2009-2055)
The vulnerability is due to an unspecified error in the handling of Border
Gateway Protocol (BGP) update messages. An unauthenticated, remote attacker
who can deliver a BGP update to an affected system can send a crafted update
that causes the device to reset the BGP peering session, resulting in a DoS
condition; the routes learned over that session are lost until it
re-establishes. Because BGP updates are re-advertised from peer to peer, the
crafted update need not originate at a directly connected neighbour: it can
reach the device through any intermediate AS that accepts and propagates it.
Workaround
It is advised to configure peering neighbours to filter the invalid updates
on their outbound path, so that the crafted update is dropped before it
reaches the affected device. For details, refer to the Cisco Security
Advisory (link under Solution).
2. BGP Long Update Message Processing Denial of Service Vulnerability
(CVE-2009-1154)
This vulnerability is due to improper handling of overly long parameters
within BGP update messages. An unauthenticated, remote attacker could exploit
it by sending the vulnerable system a BGP update containing an overly long
attribute, such as an AS path carrying a very large number of Autonomous
System (AS) numbers. A successful attack causes a DoS condition.
Workaround
Consider limiting the number of Autonomous System (AS) numbers accepted
within the AS Path attribute, as described in the Cisco advisory. Routes
whose AS path exceeds the limit are discarded, so the limit must stay above
the longest legitimate path (including prepends) received from the peers
concerned, or valid routes will be lost.
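Worked example (added here; it is not part of the CERT-In or Cisco advisories
and is not IOS XR code). The Python below models the receive-side handling
that vulnerabilities 1 and 2 call for: a BGP UPDATE parser that validates
every length field (message, withdrawn routes, path attributes, each
attribute, each AS_PATH segment) before using it as an offset, so a truncated
or over-long update is rejected instead of being acted on, together with the
AS-path count check that the workaround for vulnerability 2 describes. It
assumes classic 2-octet AS numbers, builds its own UPDATE messages as
constructed input, and the maxas limit of 75 is an arbitrary illustration
value, not a recommendation.

```python
import struct

# RFC 4271 constants; classic 2-octet AS numbers (no 4-octet AS capability negotiated)
BGP_MARKER, BGP_MAX_MESSAGE, BGP_UPDATE = b"\xff" * 16, 4096, 2
ATTR_AS_PATH, AS_SET, AS_SEQUENCE = 2, 1, 2
FLAG_TRANSITIVE, FLAG_EXT_LEN = 0x40, 0x10


class BgpParseError(ValueError):
    """Any length inconsistency: the UPDATE is dropped instead of being acted on."""


def build_update(as_path):
    """Constructed test input: a minimal UPDATE whose only attribute is AS_PATH.
    AS_SEQUENCE segments hold at most 255 ASes, so long paths span several
    segments; the attribute switches to the 2-byte extended length above 255 bytes."""
    segs = b""
    for i in range(0, len(as_path), 255):
        chunk = as_path[i:i + 255]
        segs += bytes([AS_SEQUENCE, len(chunk)]) + b"".join(struct.pack(">H", a) for a in chunk)
    if len(segs) > 255:
        attr = bytes([FLAG_TRANSITIVE | FLAG_EXT_LEN, ATTR_AS_PATH]) + struct.pack(">H", len(segs)) + segs
    else:
        attr = bytes([FLAG_TRANSITIVE, ATTR_AS_PATH, len(segs)]) + segs
    body = struct.pack(">HH", 0, len(attr)) + attr  # no withdrawn routes, no NLRI
    return BGP_MARKER + struct.pack(">HB", 19 + len(body), BGP_UPDATE) + body


def _parse_as_path_value(value):
    """Walk the AS_PATH segments, checking each one against the bytes actually present."""
    ases, pos = [], 0
    while pos < len(value):
        if pos + 2 > len(value):
            raise BgpParseError("truncated AS_PATH segment header")
        seg_type, seg_len = value[pos], value[pos + 1]
        pos += 2
        if seg_type not in (AS_SET, AS_SEQUENCE):
            raise BgpParseError("unknown AS_PATH segment type %d" % seg_type)
        if pos + 2 * seg_len > len(value):
            raise BgpParseError("AS_PATH segment overruns attribute")
        ases.extend(struct.unpack(">%dH" % seg_len, value[pos:pos + 2 * seg_len]))
        pos += 2 * seg_len
    return ases


def parse_as_path(message):
    """Return the AS numbers in an UPDATE's AS_PATH, or raise BgpParseError.
    Every length field is validated before it is used as an offset."""
    if len(message) < 19 or message[:16] != BGP_MARKER:
        raise BgpParseError("bad header")
    length, msg_type = struct.unpack(">HB", message[16:19])
    if length != len(message) or length > BGP_MAX_MESSAGE:
        raise BgpParseError("length field %d vs %d bytes received" % (length, len(message)))
    if msg_type != BGP_UPDATE:
        raise BgpParseError("not an UPDATE")
    body = message[19:]
    if len(body) < 4:
        raise BgpParseError("truncated UPDATE")
    pos = 2 + struct.unpack(">H", body[:2])[0]  # skip withdrawn routes
    if pos + 2 > len(body):
        raise BgpParseError("withdrawn routes overrun message")
    end = pos + 2 + struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    if end > len(body):
        raise BgpParseError("path attributes overrun message")
    as_path = []
    while pos < end:
        if pos + 2 > end:
            raise BgpParseError("truncated attribute header")
        flags, code = body[pos], body[pos + 1]
        pos += 2
        hdr = 2 if flags & FLAG_EXT_LEN else 1
        if pos + hdr > end:
            raise BgpParseError("truncated attribute length")
        attr_len = struct.unpack(">H", body[pos:pos + 2])[0] if hdr == 2 else body[pos]
        pos += hdr
        if pos + attr_len > end:
            raise BgpParseError("attribute type %d overruns attributes" % code)
        if code == ATTR_AS_PATH:
            as_path.extend(_parse_as_path_value(body[pos:pos + attr_len]))
        pos += attr_len
    return as_path


def accept_update(message, maxas_limit):
    """Receive-side policy: drop malformed UPDATEs and routes whose AS_PATH exceeds maxas_limit."""
    try:
        path = parse_as_path(message)
    except BgpParseError as e:
        return False, "malformed: %s" % e
    if len(path) > maxas_limit:
        return False, "AS_PATH has %d ASes, limit is %d" % (len(path), maxas_limit)
    return True, "accepted (%d ASes)" % len(path)


if __name__ == "__main__":
    overrun = bytearray(build_update([64496]))
    overrun[25] = 200  # attribute length byte now exceeds the message
    samples = {"normal": build_update([64496, 64497, 64498]),  # ordinary 3-hop path
               "long": build_update(list(range(1, 601))),  # 600 ASes, extended-length attribute
               "overrun": bytes(overrun)}
    for name, msg in samples.items():
        print(name, len(msg), "bytes ->", accept_update(msg, maxas_limit=75))
```

Running it prints one line per constructed sample: the 3-hop path is
accepted, the 600-AS path (which needs the extended-length attribute form) is
rejected by the count check, and the update whose attribute length byte
overruns the message is rejected by the parser before any attribute is
interpreted. On IOS XR the corresponding knob is the bgp maxas-limit command
in router configuration mode; take its value from the Cisco advisory and from
the longest legitimate path your peers send, since routes above the limit are
discarded.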
3. Border Gateway Protocol Configuration Denial of Service
(CVE-2009-2056)
The issue is due to an error in the handling of certain configurations and
is triggered by the device's own configuration rather than by a received
message. If an affected version of Cisco IOS XR Software is configured to
prepend a very large number of Autonomous System (AS) numbers to the AS
path, the BGP process crashes when the device constructs the resulting BGP
update, resulting in a DoS condition.
Workaround
Limit the number of AS numbers prepended to the AS path to a reasonable
value; a large prepend also lengthens the update that every downstream peer
must process.
Solution
Apply the fixed versions listed in the Cisco Security Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20090818-bgp.shtml
Vendor Information
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090818-bgp.shtml
References
CISCO
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml
http://tools.cisco.com/security/center/viewAlert.x?alertId=18866
http://tools.cisco.com/security/center/viewAlert.x?alertId=18906
http://tools.cisco.com/security/center/viewAlert.x?alertId=18907
Security Tracker
http://securitytracker.com/alerts/2009/Aug/1022756.html
http://securitytracker.com/alerts/2009/Aug/1022739.html
CVE Name
CVE-2009-2055
CVE-2009-1154
CVE-2009-2056
Disclaimer
The information provided herein is on "as is" basis, without warranty of
any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
Note: Please do not reply to this e-mail. For further queries contact
CERT-In Information Desk. Email: info@cert-in.org.in
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8
wsBVAwUBSqoa6nWXeYNsoT30AQqQrggAnIrzIbgM3Q7JaTlJM9hyrePfmfQaxsXg
sfIe4L1fjNP24Rt1VvZPq5P6ZEjosm3/n3a2xZ9P1Yzcw8kBMqhOBTGL5hmPIcBS
uiCqeEoovzLKS0/G2TW3gZK39KgSn/w4IcanYNRdfmJaP47stLIQEqyxkz4BSRmT
b42A4ntPkZYUJ8u5lI2O/xk6YpHyK3ofEMK8+rMC/0opjFo+UaI8KC54StW7ljU9
7jmfHlN435Scyp0ml7W5vdQCWDEGsgb5Xa2YHys2euCH4IEH2LFXnYaro1RLg+x7
ufHrv1C0Hd8lfKtXBXDxLzXqSnATdF0EZk3y1LSWPpto/hZ7YzegnQ==
=99R9
-----END PGP SIGNATURE-----