Cisco ios xr bgp Packet Processing Denial of Service Vulnerability

Cisco ios xr bgp Packet Processing Denial of Service Vulnerability

Release date: 2010-08-30
Updated on: 2010-08-31

Affected Systems:
Cisco ios xr 3.4.0-3.9.1
Description:
--------------------------------------------------------------------------------
Cve id: CVE-2010-3035

Cisco ios xr is an operating system with self-protection and self-repair functions used in Cisco network devices.

The BGP feature of Cisco ios xr Software has a vulnerability. This vulnerability occurs if the prefix published by the BGP peer has a specific intermediate attribute that is valid but cannot be identified. When receiving this prefix, the Cisco ios xr device destroys the attribute before sending it to a nearby device. A nearby device that has received the corrupted update may reset the BGP peer session.

<* Source: Cisco

Link: http://secunia.com/advisories/41190/
Http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20100827-bgp) and patches for this:
Cisco-sa-20100827-bgp: Cisco ios xr Software Border Gateway Protocol Vulnerability
Link: http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml