oss-sec mailing list archives
Re: CVE Request: BGP protocol vulnerability
From: Josh Bressers <bressers () redhat com>
Date: Mon, 30 Aug 2010 10:37:04 -0400 (EDT)
----- "Florian Weimer" <fw () deneb enyo de> wrote:
* Kurt Seifried:The BGP protocol and its various extensions require that BGP peering sessions are terminated when a peer receives a BGP update message which it considers semantically incorrect, leading to a persistent denial-of-service condition if the update is received again after the terminated session is reestablished. (This is not something new at all---we just need to get up, treat it as a vulnerability, and fix it.)This sounds like CVE-2010-3035 http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtmlIn this context, I don't like that the peer on the receiving end resets the session. It's got a significant impact on availability, and the resulting UPDATE churn hurts everybody a little bit. In short, I think there are two bugs: IOS XR producing bad data, and other implementations dealing badly with it.
I'm going to let MITRE deal with this one. I don't want to assign an ID for
a protocol issue, that likely will affect numerous devices.
Thanks.
--
JB
Current thread:
- CVE Request: BGP protocol vulnerability Florian Weimer (Aug 28)
- Re: CVE Request: BGP protocol vulnerability Kurt Seifried (Aug 28)
- Re: CVE Request: BGP protocol vulnerability Florian Weimer (Aug 29)
- Re: CVE Request: BGP protocol vulnerability Josh Bressers (Aug 30)
- Re: CVE Request: BGP protocol vulnerability Steven M. Christey (Aug 31)
- Re: CVE Request: BGP protocol vulnerability Florian Weimer (Aug 29)
- Re: CVE Request: BGP protocol vulnerability Kurt Seifried (Aug 28)