• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Cisco IOS BGP Transitive Attribute Denial of Service Vulnerability

Severity: HIGH

Description:

IOS is the firmware designed for Cisco routers. IOS is a router specific firmware designed to allow networkers the ability to configure and control Cisco routers.

A problem in IOS makes it possible for remote users to crash Cisco routers. By crashing the router, it may be possible to deny service to legitimate users of network resources.

During normal operation, Cisco routers using BGP update their routing tables from periodic BGP UPDATE messages.

The problem occurs in the handling of BGP updates by IOS. A BGP UPDATE contains transitive attributes, which detail information about routing transitions. By specifying an unrecognized transitive attribute, IOS becomes unstable, performing an unpredictable activity between crashing upon receiving the packet, or failing later while trying to clear the unrecognized attribute. The router requires power cycling to resume normal operation.

Affected Products:

• Cisco IOS 11.2
• Cisco IOS 11.2(4)XA
• Cisco IOS 11.2(4)XAf
• Cisco IOS 11.2BC
• Cisco IOS 11.2F
• Cisco IOS 11.2GS
• Cisco IOS 11.2P
• Cisco IOS 11.3
• Cisco IOS 11.3AA
• Cisco IOS 11.3DA
• Cisco IOS 11.3DB
• Cisco IOS 11.3HA
• Cisco IOS 11.3NA
• Cisco IOS 11.3T
• Cisco IOS 11.3WA4
• Cisco IOS 12.0
• Cisco IOS 12.0DA
• Cisco IOS 12.0DB
• Cisco IOS 12.0DC
• Cisco IOS 12.0S
• Cisco IOS 12.0T
• Cisco IOS 12.0W5
• Cisco IOS 12.0XA
• Cisco IOS 12.0XB
• Cisco IOS 12.0XC
• Cisco IOS 12.0XD
• Cisco IOS 12.0XE
• Cisco IOS 12.0XF
• Cisco IOS 12.0XG
• Cisco IOS 12.0XH
• Cisco IOS 12.0XI
• Cisco IOS 12.0XJ

References:

• Cisco Systems: Cisco Security Advisory: Cisco IOS BGP Attribute Corruption Vulnerability

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.