ID CVE-2004-0589
Summary Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
References
Vulnerable Configurations
  • Cisco IOS
    cpe:2.3:o:cisco:ios
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
NASL family CISCO
NASL id CISCO-SA-20040616-BGPHTTP.NASL
description A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. Cisco has made free software available to address this problem.
last seen 2019-02-21
modified 2018-11-15
plugin id 48975
published 2010-09-01
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=48975
title Cisco IOS Malformed BGP Packet Causes Reload - Cisco Systems
oval via4
accepted 2008-09-08T04:00:14.857-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
family ios
id oval:org.mitre.oval:def:4948
status accepted
submitted 2008-04-30T11:06:36.000-04:00
title Cisco IOS Border Gateway Protocol (BGP) OPEN and UPDATE Messages Design Error Vulnerability
version 4
refmap via4
cert-vn VU#784540
cisco 20040616 Cisco IOS Malformed BGP Packet Causes Reload
xf cisco-ios-bgp-packet-dos(16427)
Last major update 04-03-2009 - 00:22
Published 06-08-2004 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top