• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Multiple Vendors Malformed BGP 'UPDATE' Message Remote Denial of Service Vulnerability

Severity: MODERATE

Description:

Multiple vendors' BGP implementations are prone to a remote denial-of-service vulnerability.

This issue arises when the software handles specially crafted BGP packets. According to reports on Juniper mailing lists, BGP peers receiving malformed update traffic from another BGP peer will close unexpectedly and then reestablish sessions. This is commonly referred to as a 'flap' or BGP/OSPF 'interface flapping'.

A remote attacker can exploit this issue to cause a denial of service between synchronized BGP peers.

NOTE: This issue is related to the vulnerability discussed in BID 26869 (Juniper Networks JUNOS Malformed BGP Remote Denial of Service Vulnerability). It has been assigned its own record because details regarding what technologies are vulnerable and how the various vendors have implemented BGP are not currently available. As more information emerges, we will create individual records to further document the vulnerability for the various vulnerable technologies.

AlaxalA Networks AX series and Hitachi GR series are reported vulnerable to this issue. Unspecified technologies from Avici Systems, Inc., Century Systems Inc., and Yamaha Corporation are also reported vulnerable.

Affected Products:

• ALAXALA Networks AX2000R
• ALAXALA Networks AX2400S
• ALAXALA Networks AX3600S
• ALAXALA Networks AX5400S
• ALAXALA Networks AX7700R
• ALAXALA Networks AX7800R
• ALAXALA Networks AX7800S
• Hitachi AlaxalA AX
• Hitachi GR2000-1B
• Hitachi GR2000-2B
• Hitachi GR2000-2B+
• Hitachi GR2000-BH
• Hitachi GR3000
• Hitachi GR4000

References:

• US-CERT: Vulnerability Note VU#929656 Multiple vendors' BGP implementations do not proper

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.