Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Recent versions of Cisco IOS Software support RFC4893 ("BGP Support for
Four-octet AS Number Space") and contain two remote denial of service
(DoS) vulnerabilities when handling specific Border Gateway Protocol
(BGP) updates.
These vulnerabilities affect only devices running Cisco IOS Software
with support for four-octet AS number space (here after referred to as
4-byte AS number) and BGP routing configured.
The first vulnerability could cause an affected device to reload when
processing a BGP update that contains autonomous system (AS) path
segments made up of more than one thousand autonomous systems.
The second vulnerability could cause an affected device to reload when
the affected device processes a malformed BGP update that has been
crafted to trigger the issue.
Cisco has released free software updates to address these
vulnerabilities.
No workarounds are available for the first vulnerability.
A workaround is available for the second vulnerability.

See also :

http://www.nessus.org/u?46682303
http://www.nessus.org/u?c40e4bd6

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20090729-bgp.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 49037 (cisco-sa-20090729-bgphttp.nasl)

Bugtraq ID: 35860
35862

CVE ID: CVE-2009-1168
CVE-2009-2049