A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the handling of queued BGP
(Border Gateway Protocol) packets when logging a BGP neighbor change. This can
be exploited to cause a vulnerable device
to reload by sending a specially crafted BGP packet, which seems to originate
from a configured, trusted peer.
Successful exploitation requires enabled BGP support and the command "bgp log-neighbor-changes"
configured.
OPERATING SYSTEM:
Cisco IOS R12.x
Cisco IOS R11.x
Cisco IOS 12.x
Cisco IOS 11.x
Cisco IOS 10.x
SOLUTION:
See patch matrix in the vendor advisory for information about fixes.
http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml#software
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml
OTHER REFERENCES:
US-CERT VU#689326:
http://www.kb.cert.org/vuls/id/689326
VERIFY ADVISORY:
http://secunia.com/advisories/14034/
Secunia Security Advisories
http://community.securityteam.us/article.php/20050210103119978