Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios | Cisco | * | 12.0 (including) |
| Ios | Cisco | 11.2 (including) | 11.2 (including) |
| Ios | Cisco | 11.3 (including) | 11.3 (including) |
| Ios | Cisco | 12.0 (including) | 12.0 (including) |
References
- http://ciac.llnl.gov/ciac/bulletins/l-082.shtml
- http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml
- http://www.kb.cert.org/vuls/id/106392
- http://www.osvdb.org/1830
- http://www.securityfocus.com/bid/2733
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6566
- http://ciac.llnl.gov/ciac/bulletins/l-082.shtml
- http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml
- http://www.kb.cert.org/vuls/id/106392
- http://www.osvdb.org/1830
- http://www.securityfocus.com/bid/2733
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6566