[139806] in North American Network Operators' Group
RE: CIsco IOS bug info request
daemon@ATHENA.MIT.EDU (Erik Bais)
Wed Apr 20 10:55:50 2011
From: "Erik Bais" <ebais@a2b-internet.com>
To: "'Eric Parsonage'" <eric@eparsonage.com>,
<nanog@nanog.org>
In-Reply-To: <65DD3DFF-6E8F-4044-AC92-8523D7F6764B@eparsonage.com>
Date: Wed, 20 Apr 2011 16:55:44 +0200
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi Eric,
You might want to read up on :
http://labs.ripe.net/Members/erik/ripe-ncc-and-duke-university-bgp-experimen
t
The cisco case involved :
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b441
1f.shtml
Short detail from the Cisco site:
This vulnerability affects Cisco IOS XR devices running affected software
versions and configured with the BGP routing feature.
The vulnerability manifests itself when a BGP peer announces a prefix with a
specific, valid but unrecognized transitive attribute. On receipt of this
prefix, the Cisco IOS XR device will corrupt the attribute before sending it
to the neighboring devices. Neighboring devices that receive this corrupted
update may reset the BGP peering session.
Could you provide insight in why you are specifically looking for a Cisco
IOS bug that has taken down a network ?
Regards,
Erik Bais
