A vulnerability in the Border Gateway Protocol (BGP) input packet handler in the Cisco ASR 5500 System Architecture Evolution (SAE) Gateway could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition because the BGP process restarts unexpectedly.

The vulnerability is due to lack of proper input validation of the BGP packet header. An attacker could exploit this vulnerability by sending a crafted BGP packet to the affected device. An exploit could allow the attacker to cause a partial DoS condition because the BGP process restarts unexpectedly.

Cisco has released software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151028-asr

Leave a Reply