[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: BGP protocol vulnerability
From: "Steven M. Christey" <coley () linus ! mitre ! org>
Date: 2010-08-31 21:42:27
Message-ID: Pine.GSO.4.64.1008311734300.3520 () faron ! mitre ! org
[Download RAW message or body]
On Sat, 28 Aug 2010, Kurt Seifried wrote:
>> The BGP protocol and its various extensions require that BGP peering
>> sessions are terminated when a peer receives a BGP update message
>> which it considers semantically incorrect, leading to a persistent
>> denial-of-service condition if the update is received again after the
>> terminated session is reestablished.
>>
>> (This is not something new at all---we just need to get up, treat it
>> as a vulnerability, and fix it.)
>
> This sounds like CVE-2010-3035
> http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml
The way Cisco has written up this CVE, they are clearly focusing on the
generation of corrupted attributes, not a protocol problem. So, I'd want
a separate CVE for the general BGP design issue.
> or are you talking about another BGP issue? (but in the same "family"
> as CVE-2009-2055 and CVE-2010-3035).
I can't quite tell the difference between CVE-2009-2055 and what Florian
is requesting a CVE for. In CVE-2009-2055, Cisco seems to be implying
that it's a problem in XR, not the design of the whole protocol - but it's
not immediately clear if they even "fixed" it. The issue at hand is
whether we need a new CVE or a rewrite for the old CVE-2009-2055.
- Steve
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic