Reported June 16, 2004, by Cisco

VERSIONS AFFECTED

  • All Cisco Systems' IOS-based devices configured for BGP routing

DESCRIPTION
A Cisco Systems' device running Internetwork Operating System (IOS) and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. By sending a malformed BGP packet to the device, a potential attacker could cause the device to reload.

VENDOR RESPONSE
Cisco Systems has released Security Advisory 50321, "Cisco IOS Malformed BGP Packet Causes Reload" to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by Cisco Systems.