Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities - Cisco Systems

high Nessus Plugin ID 49037

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

Recent versions of Cisco IOS Software support RFC4893 ("BGP Support for Four-octet AS Number Space") and contain two remote denial of service (DoS) vulnerabilities when handling specific Border Gateway Protocol (BGP) updates.
These vulnerabilities affect only devices running Cisco IOS Software with support for four-octet AS number space (here after referred to as 4-byte AS number) and BGP routing configured.
The first vulnerability could cause an affected device to reload when processing a BGP update that contains autonomous system (AS) path segments made up of more than one thousand autonomous systems.
The second vulnerability could cause an affected device to reload when the affected device processes a malformed BGP update that has been crafted to trigger the issue.
Cisco has released free software updates to address these vulnerabilities.
No workarounds are available for the first vulnerability.
A workaround is available for the second vulnerability.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20090729-bgp.

See Also

http://www.nessus.org/u?cc15d4f1

http://www.nessus.org/u?655d2446

Plugin Details

Severity: High

ID: 49037

File Name: cisco-sa-20090729-bgphttp.nasl

Version: 1.19

Type: local

Family: CISCO

Published: 9/1/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 7/29/2009

Vulnerability Publication Date: 7/29/2009

Reference Information

CVE: CVE-2009-1168, CVE-2009-2049

BID: 35860, 35862

CWE: 16

CISCO-SA: cisco-sa-20090729-bgp

CISCO-BUG-ID: CSCsy86021, CSCta33973