Cisco IOS Malformed OSPF Denial of Service vulnerability
| Attack ID: | CPAI-2004-37 |
| Publish Date: | |
| Category: | Cisco IOS Malformed OSPF Denial of Service vulnerability |
| Vulnerable Systems: | Cisco IOS based on 12.0S, 12.2, and 12.3 |
| Source: | Cisco ID: 61365 |
| Description: | A vulnerability exists in the processing of an OSPF packet that can be exploited to cause a Denial of Service (DoS) attack. A Cisco device running Internetwork Operating System (IOS) based on versions 12.0S, 12.2, and 12.3 and enabled for the OSPF protocol is vulnerable. |
| Severity: | |
| Details: | Open Shortest Path First (OSPF) is a routing protocol designed to manage IP routing inside an Autonomous System (AS). A Cisco device receiving a malformed OSPF packet will reset and may take several minutes to become fully functional. This vulnerability may be exploited repeatedly, resulting in an extended DoS attack. |
| Attack Detection: | Using SmartView Tracker, users of R55, R55W and InterSpect who have applied the protections included with the latest SmartDefense Update (released July 21, 2004) will be able to identify attacks on an OSPF-enabled device by the following record details: Name: OSPF enforcement violation |
| Solution: | Users of VPN-1 NG with Application Intelligence R55, R55W and InterSpect who have implemented the latest SmartDefense Update and have enabled the Routing Protocols protection outlined in CPSA-2004-03 (Attacks on Dynamic Routing Protocols) are protected against this vulnerability. The protection enforces MD5 authentication for OSPF packets. |
| Industry Reference: | |
| Additional Information: | |
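
The Solution row states that the protection enforces MD5 authentication for OSPF packets. The following is an added example, not Check Point's or Cisco's code, of what such a check involves for OSPFv2 under RFC 2328 Appendix D: the header must carry AuType 2 and the trailing 16-byte digest must match the shared key. The function names, the key table and the sample packets are constructed for illustration.

```python
import hashlib
import hmac
import struct

# OSPFv2 header (RFC 2328 A.3.1) with the AuType 2 authentication layout (D.3):
# version, type, length, router id, area id, checksum, AuType,
# zero, key id, auth data length, cryptographic sequence number.
OSPF_HDR = struct.Struct("!BBH4s4sHHHBBI")
AUTYPE_CRYPTO = 2  # keyed-MD5 authentication


def _digest(packet: bytes, key: bytes) -> bytes:
    # The digest covers the OSPF packet followed by the key padded to 16 bytes.
    return hashlib.md5(packet + key.ljust(16, b"\0")[:16]).digest()


def check_ospf_auth(payload: bytes, keys: dict) -> str:
    """Classify one OSPFv2 payload (IP protocol 89) under an MD5-only policy."""
    if len(payload) < OSPF_HDR.size:
        return "drop: truncated header"
    (version, _type, pkt_len, _rid, _area, _cksum, autype,
     _zero, key_id, auth_len, _seq) = OSPF_HDR.unpack_from(payload)
    if version != 2:
        return "drop: not OSPFv2"
    if autype != AUTYPE_CRYPTO:
        return "drop: AuType %d is not MD5" % autype
    # The length field excludes the appended digest, so bound both ends.
    if auth_len != 16 or pkt_len < OSPF_HDR.size or len(payload) < pkt_len + 16:
        return "drop: bad length fields"
    key = keys.get(key_id)
    if key is None:
        return "drop: unknown key id"
    body, digest = payload[:pkt_len], payload[pkt_len:pkt_len + 16]
    if hmac.compare_digest(digest, _digest(body, key)):
        return "accept"  # replay checks on the sequence number are out of scope here
    return "drop: digest mismatch"


def build_packet(key_id: int, key: bytes, autype: int = AUTYPE_CRYPTO) -> bytes:
    """Constructed sample: a header plus a dummy 20-byte body, signed with key."""
    body = bytes(20)
    hdr = OSPF_HDR.pack(2, 1, OSPF_HDR.size + len(body), bytes([10, 0, 0, 1]),
                        bytes(4), 0, autype, 0, key_id, 16, 1)
    return hdr + body + _digest(hdr + body, key)
```

A packet that passes this check has only proven knowledge of the shared key; the check does not validate the rest of the packet's contents.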