[j-nsp] CVE-2023-4481

Tom Beecher beecher at beecher.cc
Mon Sep 11 13:55:44 EDT 2023


>
> Which in theory opens a new attack vector for the future.
>

What is the attack vector you foresee for a route sitting as hidden with
the potentially offending attributes stripped off?

On Thu, Aug 31, 2023 at 4:27 AM Tobias Heister via juniper-nsp <
juniper-nsp at puck.nether.net> wrote:

> Hi,
>
> Am 30.08.2023 um 18:09 schrieb heasley via juniper-nsp:
> > Tue, Aug 29, 2023 at 03:42:41PM -0700, David Sinn via juniper-nsp:
> >> A network I operate is going with:
> >>
> >>          bgp-error-tolerance {
> >>              malformed-route-limit 0;
> >>          }
> >>
> >> The thoughts being that there is no real reason to retain the malformed
> route and the default of 1000 is arbitrary. We haven't really seen a rash
> of them, so adjusting the logging hasn't proven needed yet.
> >
> > It does seem arbitrary.  retaining all seems like a better choice,
> > operationally.  allowing the operator diagnose why a route is missing;
> > show route .... hidden.
>
> Which in theory opens a new attack vector for the future.
>
> As the update is malformed it could do $something to the handling in
> e.g. RPD or other daemons by processing them somehow wrong. By not
> holding or further process any of them that could (maybe, hopefully?) be
> minimized.
>
> Of course proper code and handling of malformed things would be even
> better, but you know ...
>
> regards
> Tobias
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list