Executive Summary
Summary | |
---|---|
Title | Multiple BGP implementations do not properly handle UPDATE messages |
Informations | |||
---|---|---|---|
Name | VU#929656 | First vendor Publication | 2008-05-01 |
Vendor | VU-CERT | Last vendor Modification | 2008-06-06 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#929656Multiple BGP implementations do not properly handle UPDATE messagesOverviewBGP implementations from multiple vendors including Juniper may not properly handle specially crafted BGP UPDATE messages. These vulnerabilities could allow an unauthenticated, remote attacker to cause a denial of service. Disrupting BGP communication could lead to routing instability.I. DescriptionThe Border Gateway Protocol (BGP, RFC 4271) is a widely used inter-Autonomous System routing protocol. BGP communication among peer routers is critical to the stable operation of the internet. Multiple vendors BGP implementations do not properly handle specially crafted BGP UPDATE messages. A vulnerable BGP implementation could drop sessions when processing crafted UPDATE messages. A persistent attack could lead to routing instability (route flapping). To affect a BGP session, an attacker would need to succesfully inject a specially crafted packet into an existing BGP session or the underlying TCP session (179/tcp). In other words, the attacker would need to have a valid, configured BGP session or be able to spoof TCP traffic.This vulnerability was first announced as affecting Juniper routers. Further investigation indicates that other vendors are affected by the same or similar issues. Please see the Systems Affected section below. Upgrade your BGP software as appropriate. Please see the Systems Affected section below for information about specific vendors.
Referenceshttp://www.kb.cert.org/vuls/id/415294 Thanks to members of the Juniper Security Incident Response Team for help in preparing this document. This document was written by Art Manion.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/929656 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Hardware | 1 | |
Hardware | 1 | |
Hardware | 1 | |
Hardware | 5 | |
Hardware | 1 | |
Hardware | 1 | |
Os |
| 9 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45434 | Yamaha Routers Malformed BGP Update Message Remote DoS |
45433 | Hitachi GR Routers Malformed BGP Update Message Remote DoS |
45432 | AlaxalA AX Routers Malformed BGP Update Message Remote DoS |
45431 | Century Routers Malformed BGP Update Message Remote DoS |
45430 | Avici Routers Malformed BGP Update Message Remote DoS |
44947 | ALAXALA Networks AX Series Malformed BGP Update Message Remote DoS |
44942 | Hitachi GR Series Malformed BGP Update Message Remote DoS |
39158 | Juniper Junos IPv6 Traffic Handling Unspecified Remote Overflow DoS Juniper Junos contains a flaw that may allow a remote denial of service. The issue is triggered due to a specially crafted IPv6 packet, and will result in a memory leak in the kernel and a loss of availability for the platform. |
39157 | Juniper Junos Malformed BGP Update Message Remote DoS |