cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
594
Views
0
Helpful
3
Replies

Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability

jh840bjjhj
Level 1
Level 1

Dear All,

We need one workaround or something else.

Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp

Could you help my with some solution?

Kind Regards

3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame
Workarounds
  • Possible workarounds for this issue include setting a maxpath-limit value for BGP MIBs or suppressing use of BGP MIBs.

    Use of the following BGP MIB tables, objects, and indexes should be avoided as a workaround:

    cbgpRouteAggregatorAddr
    cbgpRouteAggregatorAddrType
    cbgpRouteAggregatorAS
    cbgpRouteASPathSegment
    cbgpRouteAtomicAggregate
    cbgpRouteBest
    cbgpRouteLocalPref
    cbgpRouteLocalPrefPresent
    cbgpRouteMedPresent
    cbgpRouteMultiExitDis
    cbgpRouteNextHop
    cbgpRouteOrigin
    cbgpRouteUnknownAttr

Sorry, but i new in the index objects.

Can you help my with more about this.?

Thank you so much.

It means the workaround is DO NOT USE the following MIB objects.  

Another workaround is to upgrade the firmware if the IOS is currently listed in the Known Affected Versions.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: