Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:12122
HistoryAug 26, 2009 - 12:00 a.m.

Cisco IOS XR BGP更新AS前置拒绝服务漏洞

2009-08-2600:00:00
Root
www.seebug.org
7

0.001 Low

EPSS

Percentile

41.8%

JSON

BUGTRAQ ID: 36093
CVE(CAN) ID: CVE-2009-2056

Cisco IOS是思科网络设备所使用的互联网操作系统。

如果将Cisco IOS XR BGP进程配置为向AS路径前置大量的AS编号,BGP进程会崩溃。所需前置的AS编号数量和导致的崩溃都超过了生产环境中的正常限制。

当受影响设备的BGP进程由于这种超大AS路径前置而崩溃,在崩溃之前不会生成日志消息。

Cisco IOS XR 3.8.X
Cisco IOS XR 3.7.X
Cisco IOS XR 3.6.X
Cisco IOS XR 3.5.X
Cisco IOS XR 3.4.X
Cisco IOS XR 3.3.X
Cisco IOS XR 3.2.X
临时解决方法:

  • 减少Cisco IOS XR中所配置的AS路径前置数量。

厂商补丁:

Cisco

Cisco已经为此发布了一个安全公告(cisco-sa-20090818-bgp)以及相应补丁:
cisco-sa-20090818-bgp:Cisco IOS XR Software Border Gateway Protocol Vulnerability
链接:http://www.cisco.com/warp/public/707/cisco-sa-20090818-bgp.shtml

Related

prion 1
cve 1
nvd 1
cvelist 1
nessus 1
cisco 1
prion
prion
Path traversal
2009-08-21 17:30:00
cve
cve
CVE-2009-2056
2022-10-03 16:24:05
nvd
nvd
CVE-2009-2056
2009-08-21 17:30:00
cvelist
cvelist
CVE-2009-2056
2022-10-03 16:24:05
nessus
nessus
Cisco IOS XR Software Border Gateway Protocol DoS (cisco-sa-20090818-bgp)
2022-04-05 00:00:00
cisco
cisco
Cisco IOS XR Software Border Gateway Protocol Vulnerabilities
2009-08-18 15:00:00

0.001 Low

EPSS

Percentile

41.8%

JSON
Related for SSV:12122
prion1cve1nvd1cvelist1nessus1cisco1