[phpBB Debug] PHP Notice: in file /viewtopic.php on line 945: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Helsinki' for 'EEST/3.0/DST' instead
[phpBB Debug] PHP Notice: in file /viewtopic.php on line 945: getdate(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Helsinki' for 'EEST/3.0/DST' instead
BREN forums • View topic - 4-Byte Autonomous System Number Vulnerabilities

4-Byte Autonomous System Number Vulnerabilities

IP маршрутизация, протоколи (BGP, OSPF и т.н.), регистри (IANA, RIPE и т.н.)

4-Byte Autonomous System Number Vulnerabilities

Postby vedrin » 29 Jul 2009, 17:31

Cisco Security Advisory: Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities

Recent versions of Cisco IOS Software support RFC4893 ("BGP Support for Four-octet AS Number Space") and contain two remote denial of service (DoS) vulnerabilities when handling specific Border Gateway Protocol (BGP) updates.

These vulnerabilities affect only devices running Cisco IOS Software with support for four-octet AS number space (here after referred to as 4-byte AS number) and BGP routing configured.

The first vulnerability could cause an affected device to reload when processing a BGP update that contains autonomous system (AS) path segments made up of more than one thousand autonomous systems.

The second vulnerability could cause an affected device to reload when the affected device processes a malformed BGP update that has been crafted to trigger the issue.

Cisco has released free software updates to address these vulnerabilities.

No workarounds are available for the first vulnerability.

A workaround is available for the second vulnerability.

This advisory is posted at the following link: http://www.cisco.com/warp/public/707/ci ... -bgp.shtml
--
Vedrin Jeliazkov
User avatar
vedrin
 
Posts: 174
Joined: 16 Feb 2009, 20:30
Location: Sofia

Return to The Internet Protocol (IP)

Who is online

Users browsing this forum: No registered users and 1 guest

cron