oss-sec mailing list archives
Re: CVE Request: BGP protocol vulnerability
From: Kurt Seifried <kurt () seifried org>
Date: Sat, 28 Aug 2010 18:46:01 -0600
The BGP protocol and its various extensions require that BGP peering sessions are terminated when a peer receives a BGP update message which it considers semantically incorrect, leading to a persistent denial-of-service condition if the update is received again after the terminated session is reestablished. (This is not something new at all---we just need to get up, treat it as a vulnerability, and fix it.)
This sounds like CVE-2010-3035 http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml or are you talking about another BGP issue? (but in the same "family" as CVE-2009-2055 and CVE-2010-3035). -- Kurt Seifried kurt () seifried org tel: 1-703-879-3176
Current thread:
- CVE Request: BGP protocol vulnerability Florian Weimer (Aug 28)
- Re: CVE Request: BGP protocol vulnerability Kurt Seifried (Aug 28)
- Re: CVE Request: BGP protocol vulnerability Florian Weimer (Aug 29)
- Re: CVE Request: BGP protocol vulnerability Josh Bressers (Aug 30)
- Re: CVE Request: BGP protocol vulnerability Steven M. Christey (Aug 31)
- Re: CVE Request: BGP protocol vulnerability Florian Weimer (Aug 29)
- Re: CVE Request: BGP protocol vulnerability Kurt Seifried (Aug 28)