Cisco IOS Misformed BGP Packet Causes Reload - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch

Description :

A Cisco device running IOS Border Gateway Protocol (BGP) is vulnerable
to a Denial of Service (DoS) attack from a malformed BGP packet. Only
devices with either the command bgp log-neighbor-changes configured or
the command snmp-server enable traps bgp are vulnerable. The BGP
protocol is not enabled by default, and must be configured in order to
accept traffic from an explicitly defined peer. Unless the malicious
traffic appears to be sourced from a configured, trusted peer, it would
be difficult to inject a malformed packet.
Cisco has made free software available to address this problem.

See also :

http://www.nessus.org/u?3afb30e4
http://www.nessus.org/u?e75421ee

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20050126-bgp.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.7
(CVSS2#E:U/RL:W/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 48980 (cisco-sa-20050126-bgphttp.nasl)

Bugtraq ID: 12370

CVE ID: CVE-2005-0196