Detections
Analytics

Cisco IOS XR Software Border Gateway Protocol DoS (cisco-sa-20090818-bgp)

high Nessus Plugin ID 159517

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS XR Software with BGP enabled is affected by the following vulnerabilities:

 - Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.
 (CVE-2009-1154)

 - Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009. (CVE-2009-2055)

 - Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.
 (CVE-2009-2056)

Please see the included Cisco BID and Cisco Security Advisory for more information.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCtb18562

See Also

http://www.nessus.org/u?2554a1bf

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCtb18562

Plugin Details

Severity: High

ID: 159517

File Name: cisco-sa-20090818-ios-xr-bgp-dos.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 4/5/2022

Updated: 12/14/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2009-2055

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS Score Source: CVE-2009-1154

Vulnerability Information

CPE: cpe:/o:cisco:ios_xr

Required KB Items: Host/Cisco/IOS-XR/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/18/2009

Vulnerability Publication Date: 8/18/2009

CISA Known Exploited Vulnerability Due Dates: 4/15/2022

Reference Information

CVE: CVE-2009-1154, CVE-2009-2055, CVE-2009-2056

CISCO-SA: cisco-sa-20090818-bgp

CISCO-BUG-ID: CSCtb18562