[nsp] cisco password hash problems?
Bruce Pinsky
bep at whack.org
Tue Apr 13 15:10:54 EDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hank Nussbacher wrote:
| On Tue, 13 Apr 2004, Bruce Pinsky wrote:
|
|
| Hank Nussbacher wrote:
|
| | At 11:17 PM 12-04-04 -0400, jlewis at lewis.org wrote:
| |
| | I tried opening a TAC case (E818245) back on Dec 4 on this but Cisco
| | told me to look at CSCdw75860 which only addressed the problem in OSPF
| | but we could not convince them we saw it in BGP password hash as well.
| |
|
|
| Were you able to consistently recreate it? What version? How?
|
|
|> Recreate it? I should downgrade my routers so as to provide debugging?
|> :-)
|
Not necessarily. Or perhaps in your lab.
|> Versions: 12.0(25)S2 upgraded to 12.2(18)S1 and "some" OSPF+BGP Md5 pswds
|> stopped working. Not all - just some.
|
Yes, the nature of the bug is that some OSPF MD5 passwords could be
invalid. Specifically, ones that are marked as encrypted when they are
really the cleartext or are marked as encrypted, but the supplied password
is not the properly encrypted one.
As for BGP, I don't see a bug of similar nature. However, there are the
ones that I mentioned that could be involved.
|> -Hank
|
|
| I found several BGP/MD5 issues including:
|
| CSCeb07106 BGP and md5 authentication issues - TCP-6-TOOBIG
| ~ CSCeb06813 BGP Peer will not come up after disabling MD5
| CSCec29952 bgp md5 authentication not working when configured in mpls
| vpn vrf
| CSCed65333 Malformed sync ack packet with BGP MD5 authentication
|
|
| --
| =========
| bep
|
- --
=========
bep
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
iD8DBQFAfDs+E1XcgMgrtyYRAvesAKCYBN2Nvrbymz66B//R9JJbM+NitgCg7kIM
Or6Ea6UvsCsqQ8dpRLrxpjw=
=4QlV
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list