[nsp-sec] Crafted bgp update msg may cause slave re tocrashJunOS.
Paul Goyette
pgoyette at juniper.net
Thu Sep 18 20:10:01 EDT 2008
If the specifically-crafted BGP update gets delivered to BGP, you
will have a problem.
Paul Goyette
Juniper Networks Customer Service
JTAC Senior Escalation Engineer
Juniper Security Incident Response Team
PGP Key ID 0x53BA7731 Fingerprint:
FA29 0E3B 35AF E8AE 6651
0786 F758 55DE 53BA 7731
> -----Original Message-----
> From: Chris Morrow [mailto:morrowc at ops-netman.net]
> Sent: Thursday, September 18, 2008 5:04 PM
> To: Paul Goyette
> Cc: Smith, Donald; Sayadian, Greg; robt at cymru.com;
> nsp-security at puck.nether.net
> Subject: RE: [nsp-sec] Crafted bgp update msg may cause slave
> re tocrashJunOS.
>
>
>
> On Thu, 18 Sep 2008, Paul Goyette wrote:
>
> > MD5 check happens at the tcp layer, and packets that fail
> > don't get delivered to the application (ie, BGP) layer.
>
> so, if this is a bgp update issue it'll get the md5 properly
> on both side,
> eh? and... still have the problem. if it's in a valid update :(
>
More information about the nsp-security
mailing list