Cisco IOS BGP Attribute Corruption Vulnerability - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

A Border Gateway Protocol (BGP) UPDATE contains Network Layer
Reachability Information (NLRI) and attributes that describe the path
to the destination. An unrecognized transitive attribute can cause
failures in Cisco IOS routers, ranging from a crash upon receipt of the
unrecognized transitive attribute to a later failure upon an attempt to
clear the unrecognized transitive attribute. Specific but common
configurations are affected, as described in the Cisco Security
Advisory referenced below. The failure was
discovered because of a malfunction in the BGP implementation of
another vendor. There is no workaround. Affected customers are urged to
upgrade to fixed code.
This vulnerability has been assigned Cisco bug ID CSCdt79947.

See also :

http://www.nessus.org/u?d7083612
http://www.nessus.org/u?fdcf2c80

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20010510-ios-bgp-attr.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 48954 (cisco-sa-20010510-ios-bgp-attr.nasl)

Bugtraq ID: 2733

CVE ID: CVE-2001-0650