Cisco Security Advisory: Cisco IOS Misformed BGP Packet Causes Reload

URL: http://www.cisco.com/en/US/customer/products/products_security_advisory09186a00803be7d9.shtml(available to registered users)http://www.cisco.com/en/US/products/products_security_advisory09186a00803be7d9.shtml(available to non-registered users)Posted: January 26, 2005Summary: A Cisco device running IOS® and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. Only devices with the command bgp log-neighbor-changes configured are vulnerable. The BGP protocol is not enabled by default, and must be configured in order to accept traffic from an explicitly defined peer. Unless the malicious traffic appears to be sourced from a configured, trusted peer, it would be difficult to inject a malformed packet.Cisco has made free software available to address this problem. This issue is tracked by CERT/CC VU#689326.