Wednesday, October 28, 2015

Cisco ASR 5500 SAE Gateway BGP Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol (BGP) input packet handler in the Cisco ASR 5500 System Architecture Evolution (SAE) Gateway could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition because the BGP process restarts unexpectedly.

The vulnerability is due to lack of proper input validation of the BGP packet header. An attacker could exploit this vulnerability by sending a crafted BGP packet to the affected device. An exploit could allow the attacker to cause a partial DoS condition because the BGP process restarts unexpectedly.

Cisco has released software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link:
http://ift.tt/1KGmN7A

from Cisco Security Advisory http://ift.tt/1KGmN7A
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)