[c-nsp] Cisco Security Advisory: Cisco IOS Misformed BGP Packet Causes Reload

Gert Doering gert at greenie.muc.de
Thu Jan 27 04:15:33 EST 2005


Hi,

On Thu, Jan 27, 2005 at 10:45:27AM +0200, Pekka Savola wrote:
> On Wed, 26 Jan 2005, Cisco Systems Product Security Incident Response Team wrote:
> > |------------+-------------+-------------|
> > |            | 12.0(26)S5  |             |
> > |            |-------------+-------------|
> > |            | 12.0(27)S4  |             |
> > |12.0S       |-------------+-------------|
> > |            | 12.0(28)S1  |             |
> > |            |-------------+-------------|
> > |            |             | 12.0(29)S   |
> > |------------+-------------+-------------|
> 
> This is unclear.  Is 12.0(21)Sx affected, but not fixed (i.e., the 
> images before the BGP revamp)?  I suppose 22-25S are affected but not 
> fixed?

"This vulnerability is present in any unfixed version of Cisco IOS, from
the beginning of support for the BGP protocol, including versions 9.x, 
10.x, 11.x and 12.x."

> > |------------+-------------+-------------|
> > | 12.2S      |             | 12.2(25)S   |
> > |------------+-------------+-------------|
> 
> Likewise, are older 12.2S series affected (e.g., 18S), but just not 
> fixed, and folks have to upgrade?

I assume that it is so, and dislike it.

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de


More information about the cisco-nsp mailing list