oss-sec mailing list archives
CVE Request: BGP protocol vulnerability
From: Florian Weimer <fw () deneb enyo de>
Date: Sat, 28 Aug 2010 12:30:22 +0200
The BGP protocol and its various extensions require that BGP peering sessions are terminated when a peer receives a BGP update message which it considers semantically incorrect, leading to a persistent denial-of-service condition if the update is received again after the terminated session is reestablished. (This is not something new at all---we just need to get up, treat it as a vulnerability, and fix it.)
Current thread:
- CVE Request: BGP protocol vulnerability Florian Weimer (Aug 28)
- Re: CVE Request: BGP protocol vulnerability Kurt Seifried (Aug 28)
- Re: CVE Request: BGP protocol vulnerability Florian Weimer (Aug 29)
- Re: CVE Request: BGP protocol vulnerability Josh Bressers (Aug 30)
- Re: CVE Request: BGP protocol vulnerability Steven M. Christey (Aug 31)
- Re: CVE Request: BGP protocol vulnerability Florian Weimer (Aug 29)
- Re: CVE Request: BGP protocol vulnerability Kurt Seifried (Aug 28)