Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1976
Views
20
Helpful
16
Replies

BGP Vulnerability - all IOSes affected

Pavel Bykov
Level 5
Level 5

‎08-14-2007 09:23 AM - edited ‎03-03-2019 06:19 PM

I have just discovered a regular expression that crashes the router. I suspect the error is because of division by zero. Since I work for the Enterprise, I do not have direct access to TAC. Please somebody report this to Cisco. I have tested it on ranges of routers (2611, 2821, 2851, 7206) and IOSes (12.0-12.4). All routers crashed with some type of BUS ERROR.

Command can be issued in user mode, therefore I think it can be considered as vulnerability to potentially cause DOS.

I do not know a better way to report this, so I am posting it here.

Labels:
0 Helpful
16 Replies 16

jmla8900
Level 1
Level 1

‎09-15-2007 04:49 PM

I tried it on some of my lab stuff running 12.3 and it was affected, but my old 12.2 enterprise stuff ran it just fine without blowing up. Odd that it affects the newer stuff and not the old.

0 Helpful

carl.gruber
Level 1
Level 1
In response to jmla8900

‎09-17-2007 03:48 AM

3550 running 12.2(37)SE died when running the reg exp as 'show running-config | include'.

0 Helpful
Customers Also Viewed These Support Documents