CVE Vulnerabilities

CVE-2009-1168

Published: Jul 30, 2009 | Modified: Sep 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.1 HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021.

Affected Software

Name Vendor Start Version End Version
Ios Cisco 12.0(32)s12 (including) 12.0(32)s12 (including)
Ios Cisco 12.0(32)s13 (including) 12.0(32)s13 (including)
Ios Cisco 12.0(32)sy8 (including) 12.0(32)sy8 (including)
Ios Cisco 12.0(32)sy9 (including) 12.0(32)sy9 (including)
Ios Cisco 12.0(33)s3 (including) 12.0(33)s3 (including)
Ios Cisco 12.0(33)s4 (including) 12.0(33)s4 (including)
Ios Cisco 12.2(33)sxi1 (including) 12.2(33)sxi1 (including)
Ios Cisco 12.2(33)sxi2 (including) 12.2(33)sxi2 (including)
Ios Cisco 12.2xnc (including) 12.2xnc (including)
Ios Cisco 12.2xnd (including) 12.2xnd (including)
Ios Cisco 12.4(24)t1 (including) 12.4(24)t1 (including)
Ios_xe Cisco 2.3 (including) 2.3 (including)
Ios_xe Cisco 2.3.1t (including) 2.3.1t (including)
Ios_xe Cisco 2.4 (including) 2.4 (including)
Ios_xe Cisco 2.4.0 (including) 2.4.0 (including)

References