Vulnerabilities > CVE-2009-1168 - Resource Management Errors vulnerability in Cisco IOS and IOS XE
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20090729-BGPHTTP.NASL |
| description | Recent versions of Cisco IOS Software support RFC4893 ( |
| last seen | 2019-10-28 |
| modified | 2010-09-01 |
| plugin id | 49037 |
| published | 2010-09-01 |
| reporter | This script is (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/49037 |
| title | Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities - Cisco Systems |
Oval
| accepted | 2013-04-22T04:00:15.104-04:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| description | Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. | ||||||||
| family | ios | ||||||||
| id | oval:org.mitre.oval:def:6697 | ||||||||
| status | accepted | ||||||||
| submitted | 2010-05-12T12:00:00.000-04:00 | ||||||||
| title | Cisco IOS Software BGP Routing Dos Vulnerability | ||||||||
| version | 9 |
Seebug
| bulletinFamily | exploit |
| description | Bugraq ID: 35862 CVE ID:CVE-2009-1168 Cisco IOS是一款流行的Internet操作系统。 Cisco IOS存在拒绝服务攻击,远程攻击者可以利用漏洞使设备重启。 处理AS路径段包含超过1000个自治系统的BGP更新时,会导致设备重载。如果一个受影响的4字节AS自治号BGP Speaker接收到来自2字节AS自治号的BGP Speaker提供的AS路径段包含超过1000个自治系统的BGP更新时,设备会由于内存破坏而崩溃,会显示"%%Software-forced reload"的错误信息。 成功利用此漏洞需要3个条件: -受影响的Cisco IOS软件设备为4字节AS自治号BGP Speaker -BGP对等邻居为2字节AS自治号BGP Speaker -BGP对等邻居能发送一系列超过一千AS自治号的BGP更新 注意:Cisco IOS, Cisco IOS XE, Cisco NX-OS和Cisco IOS XR软件,2字节AS自治号BGP Speaker发送BGP更新最多只能包含255 AS自治号。 此漏洞Cisco Bug ID为CSCsy86021,CVEID为CVE-2009-1168。 Cisco IOS XE 2.3.1 t Cisco IOS XE 2.3.1 Cisco IOS XE 2.4 Cisco IOS 12.4T Cisco IOS 12.2SXI Cisco IOS 12.2ND Cisco IOS 12.2NC Cisco IOS 12.0Y Cisco IOS 12.0S 厂商解决方案 用户可参考如下安全公告获得补丁信息: http://www.cisco.com/warp/public/707/cisco-sa-20090729-bgp.shtml#@ID |
| id | SSV:11938 |
| last seen | 2017-11-19 |
| modified | 2009-07-30 |
| published | 2009-07-30 |
| reporter | Root |
| title | Cisco IOS畸形BGP自治系统路径拒绝服务漏洞 |
References
- http://secunia.com/advisories/36046
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml
- http://www.securityfocus.com/bid/35862
- http://www.securitytracker.com/id?1022619
- http://www.vupen.com/english/advisories/2009/2082
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6697