Vulnerabilities > CVE-2004-0589 - Unspecified vulnerability in Cisco IOS
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
Vulnerable Configurations
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20040616-BGPHTTP.NASL |
| description | A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet. Cisco has made free software available to address this problem. |
| last seen | 2019-10-28 |
| modified | 2010-09-01 |
| plugin id | 48975 |
| published | 2010-09-01 |
| reporter | This script is (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/48975 |
| title | Cisco IOS Malformed BGP Packet Causes Reload - Cisco Systems |
Oval
| accepted | 2008-09-08T04:00:14.857-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. | ||||
| family | ios | ||||
| id | oval:org.mitre.oval:def:4948 | ||||
| status | accepted | ||||
| submitted | 2008-04-30T11:06:36.000-04:00 | ||||
| title | Cisco IOS Border Gateway Protocol (BGP) OPEN and UPDATE Messages Design Error Vulnerability | ||||
| version | 4 |