Cisco IOS Misformed BGP Packet Causes Reload - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch

Description :

A Cisco device running IOS Border Gateway Protocol (BGP) is vulnerable
to a Denial of Service (DoS) attack from a malformed BGP packet. Only
devices with either the command bgp log-neighbor-changes configured or
the command snmp-server enable traps bgp are vulnerable. The BGP
protocol is not enabled by default, and must be configured in order to
accept traffic from an explicitly defined peer. Unless the malicious
traffic appears to be sourced from a configured, trusted peer, it would
be difficult to inject a malformed packet.
Cisco has made free software available to address this problem.

See also :

Solution :

Apply the relevant patch referenced in Cisco Security Advisory

Risk factor :

High / CVSS Base Score : 7.1
CVSS Temporal Score : 5.7
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 48980 (cisco-sa-20050126-bgphttp.nasl)

Bugtraq ID: 12370

CVE ID: CVE-2005-0196

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now