[nsp-sec] Crafted bgp update msg may cause slave re tocrashJunOS.
Chris Morrow
morrowc at ops-netman.net
Thu Sep 18 20:16:41 EDT 2008
On Thu, 18 Sep 2008, Paul Goyette wrote:
> If the specifically-crafted BGP update gets delivered to BGP, you
> will have a problem.
right, so... tcp-md5 no helpy :(
>> -----Original Message-----
>> From: Chris Morrow [mailto:morrowc at ops-netman.net]
>> Sent: Thursday, September 18, 2008 5:04 PM
>> To: Paul Goyette
>> Cc: Smith, Donald; Sayadian, Greg; robt at cymru.com;
>> nsp-security at puck.nether.net
>> Subject: RE: [nsp-sec] Crafted bgp update msg may cause slave
>> re tocrashJunOS.
>>
>>
>>
>> On Thu, 18 Sep 2008, Paul Goyette wrote:
>>
>>> MD5 check happens at the tcp layer, and packets that fail
>>> don't get delivered to the application (ie, BGP) layer.
>>
>> so, if this is a bgp update issue it'll get the md5 properly
>> on both side,
>> eh? and... still have the problem. if it's in a valid update :(
>>
>
More information about the nsp-security
mailing list