[nsp-sec] Crafted bgp update msg may cause slave reto crashJunOS.
Barry Raveendran Greene
bgreene at senki.org
Fri Sep 19 11:12:48 EDT 2008
Oh yes, please use my bgreene at juniper.net E-mail. The PGP Key ID is
0x16BF45F3 (on the usual places).
> -----Original Message-----
> From: Barry Raveendran Greene [mailto:bgreene at senki.org]
> Sent: Friday, September 19, 2008 8:09 AM
> To: 'Jared Mauch'; 'Sayadian, Greg'
> Cc: 'Donald.Smith at qwest.com'; 'robt at cymru.com';
> 'nsp-security at puck.nether.net'
> Subject: RE: [nsp-sec] Crafted bgp update msg may cause slave
> reto crashJunOS.
>
>
> The Security Bulleting/PSN - 2008-09-005 is different and
> some would say very low risk. Ping me with your PGP if you
> would like clarity on this one.
>
> This would save time getting the details through your SE or
> JTAC engineer.
>
>
> > -----Original Message-----
> > From: nsp-security-bounces at puck.nether.net
> > [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Jared Mauch
> > Sent: Thursday, September 18, 2008 3:27 PM
> > To: Sayadian, Greg
> > Cc: Donald.Smith at qwest.com; robt at cymru.com;
> > nsp-security at puck.nether.net
> > Subject: Re: [nsp-sec] Crafted bgp update msg may cause slave reto
> > crashJunOS.
> >
> > ----------- nsp-security Confidential --------
> >
> > Cisco posted what this was a few days ago, I asked
> PSIRT to comment
> > and they did not.
> >
> >
> > CSCsk69927 Resolved in 12.2(18)SXF15
> >
> > Symptoms:
> >
> > All the BGP routes are dropped when IOS device receives BGP update
> > with atomic-aggregate length as 254 (0xfe).
> >
> > Conditions: The topology consists of two eBGP peers with
> test traffic
> > across the link.
> >
> > The BGP process does not crash, and routes are not restored
> after the
> > event.
> >
> > Workaround: None
> >
> > More info: This is a PSIRT issue which exists in almost all the
> > releases/branches
> >
> > On Thu, Sep 18, 2008 at 06:14:50PM -0400, Sayadian, Greg wrote:
> > > ----------- nsp-security Confidential --------
> > >
> > > Does md5 hashing save you?
> > > ------Original Message------
> > > From: Chris Morrow
> > > To: Smith, Donald
> > > Cc: Rob Thomas
> > > Cc: nsp-security at puck.nether.net
> > > Sent: Sep 18, 2008 5:17 PM
> > > Subject: Re: [nsp-sec] Crafted bgp update msg may cause
> > slave re to crashJunOS.
> > >
> > > ----------- nsp-security Confidential --------
> > >
> > > maybe paul can shed some light? or barry?? I've seen a few
> > RE crashes
> > > on our side that ended up looking like some wierd routing
> > update thing
> > > :(
> > >
> > > -Chris
> > >
> > > On Thu, 18 Sep 2008, Smith, Donald wrote:
> > >
> > > > ----------- nsp-security Confidential --------
> > > >
> > > > I have not tried to recreate this in the lab.
> > > > Because I don't have any detailed information.
> > > >
> > > > donald.smith at qwest.com giac
> > > >
> > > > ________________________________
> > > >
> > > > From: Rob Thomas [mailto:robt at cymru.com]
> > > > Sent: Thu 9/18/2008 2:59 PM
> > > > To: Smith, Donald
> > > > Cc: nsp-security at puck.nether.net
> > > > Subject: Re: [nsp-sec] Crafted bgp update msg may cause
> > slave re to crashJunOS.
> > > >
> > > >
> > > >
> > > > Are there any specific packet characteristics (number
> of octets,
> > > > flags,
> > > > something) on which flow queries could be based? :)
> > > >
> > > >
> > > > Smith, Donald wrote:
> > > >> ----------- nsp-security Confidential --------
> > > >>
> > > >> Most of you should have already seen this.
> > > >>
> > > >> Subject: New Juniper Technical Bulletin - PSN-2008-09-005
> > > >>
> > > >> The Juniper Networks Technical Assistance Center (JTAC)
> > announces
> > > >> the following Technical Bulletin that is available on
> > our Customer
> > > >> Support Center website.
> > > >>
> > > >> You will need a valid login ID on www.juniper.net in
> > order to view
> > > >> the full description.
> > > >>
> > > >> Technical Bulletin Subject: Crafted BGP UPDATE messages
> > can cause
> > > >> slave Routing Engines to crash
> > > >>
> > > >> Detailed information can be found at the following URL
> > (login required):
> > > >>
> > http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2008
> > > >> -09-0
> > > >> 05&actionBtn=Search
> > > >>
> > > >> If you do not have a valid login ID, you can submit your
> > > >> application at the following URL:
> > > >> http://www.juniper.net/registration/register.jsp
> > > >>
> > > >> NOTE: A Technical Bulletin is a formal notice
> regarding critical
> > > >> and/or potentially service-affecting hardware and
> > software product
> > > >> issues. The Technical Bulletin process allows the proactive
> > > >> communication of pertinent information to both customers
> > and partners.
> > > >>
> > > >> For further information, please contact the Juniper Technical
> > > >> Assistance
> > > >> Center(JTAC) by e-mail at support at juniper.net, or by phone:
> > > >>
> > > >> (888) 314-JTAC (within the US)
> > > >> +1 408-745-2121 (outside the US)
> > > >>
> > > >>
> > > >>
> > > >> H8Hz
> > > >> Donald.Smith at qwest.com giac
> > > >>
> > > >>
> > > >> This communication is the property of Qwest and may contain
> > > >> confidential or privileged information. Unauthorized
> use of this
> > > >> communication is strictly prohibited and may be
> > unlawful. If you
> > > >> have received this communication in error, please immediately
> > > >> notify the sender by reply e-mail and destroy all copies
> > of the communication and any attachments.
> > > >>
> > > >>
> > > >> _______________________________________________
> > > >> nsp-security mailing list
> > > >> nsp-security at puck.nether.net
> > > >> https://puck.nether.net/mailman/listinfo/nsp-security
> > > >>
> > > >> Please do not Forward, CC, or BCC this E-mail outside of the
> > > >> nsp-security community. Confidentiality is essential for
> > effective Internet security counter-measures.
> > > >> _______________________________________________
> > > >
> > > > --
> > > > Rob Thomas
> > > > Team Cymru
> > > > http://www.team-cymru.org/
> > > > cmn_err(CEO_PANIC, "Out of coffee!");
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > nsp-security mailing list
> > > > nsp-security at puck.nether.net
> > > > https://puck.nether.net/mailman/listinfo/nsp-security
> > > >
> > > > Please do not Forward, CC, or BCC this E-mail outside of the
> > > > nsp-security community. Confidentiality is essential for
> > effective Internet security counter-measures.
> > > > _______________________________________________
> > > >
> > >
> > >
> > > _______________________________________________
> > > nsp-security mailing list
> > > nsp-security at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/nsp-security
> > >
> > > Please do not Forward, CC, or BCC this E-mail outside of the
> > > nsp-security community. Confidentiality is essential for
> > effective Internet security counter-measures.
> > > _______________________________________________
> > >
> > >
> > > <><
> > > Greg Sayadian
> > > IT Security
> > >
> > >
> > > _______________________________________________
> > > nsp-security mailing list
> > > nsp-security at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/nsp-security
> > >
> > > Please do not Forward, CC, or BCC this E-mail outside of the
> > > nsp-security community. Confidentiality is essential for
> > effective Internet security counter-measures.
> > > _______________________________________________
> >
> > --
> > Jared Mauch | I work for but do not always represent NTT
> America list
> > admin | +1 313 506 4307 * send list policy questions to
> > | nsp-security-owner at puck.nether.net
> >
> >
> > _______________________________________________
> > nsp-security mailing list
> > nsp-security at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/nsp-security
> >
> > Please do not Forward, CC, or BCC this E-mail outside of the
> > nsp-security community. Confidentiality is essential for effective
> > Internet security counter-measures.
> > _______________________________________________
> >
More information about the nsp-security
mailing list