
Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software
2023-05-02 14:26

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol that could be weaponized to achieve a denial-of-service condition on vulnerable BGP peers.

The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source internet routing protocol suite for Linux and Unix platforms.

The discovery is the result of an analysis of seven different implementations of BGP carried out by Forescout Vedere Labs: FRRouting, BIRD, OpenBGPd, Mikrotik RouterOS, Juniper JunOS, Cisco IOS, and Arista EOS. BGP is a gateway protocol that's designed to exchange routing and reachability information between autonomous systems.

The issues "could be exploited by attackers to achieve a DoS condition on vulnerable BGP peers, thus dropping all BGP sessions and routing tables and rendering the peer unresponsive," the company said in a report shared with The Hacker News.

A threat actor could spoof a valid IP address of a trusted BGP peer or exploit other flaws and misconfigurations to compromise a legitimate peer and then issue a specially-crafted unsolicited BGP OPEN message.

Forescout has also made available an open source tool called bgp_boofuzzer that allows organizations to test the security of the BGP suites used internally as well as find new flaws in BGP implementations.


News URL

https://thehackernews.com/2023/05/researchers-uncover-new-bgp-flaws-in.html
