Cisco NX-OS Software BGP DoS (CSCtn13055)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

A vulnerability in the Border Gateway Protocol (BGP) component of
Cisco NX-OS Software could allow an unauthenticated, remote attacker
to create a denial of service (DoS) condition by causing the BGP
service to reset and resync.

The vulnerability is due to improper filtering of invalid AS Path
values. An attacker could exploit this vulnerability by sending a
malformed BGP update to a downstream peer of the affected device. A
successful exploit could result in the downstream peers resetting the
BGP connection with the affected device.

See also :

http://www.nessus.org/u?e466fe6d

Solution :

Apply the relevant patch referenced in Cisco bug ID CSCtn13055.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 70457

Bugtraq ID: 62858

CVE ID: CVE-2012-4098