How to determine the affected IOS?

axfalk
Level 1

We have just received a Cisco Security Advisory re. the misformed BGP packets and we're having a hard time determining whether the IOS on our BGP routers is affected. We happened to be running the IOS 12.1(5) and this specific IOS is NOT on the list of the affected IOSes that Cisco listed in the warning, however, the 12.1 is.

In the past warnings, the exact based releases of our IOSes have always been on that list, but for this one, it's not, so we're kind of stumped.

thanks.

2 Replies

sstudsdahl
Level 4

If you are referring to the advisory regarding the malformed BGP packet on a system that has support for MPLS, the 12.1 train of IOS is not vulnerable. This would include the 12.1(5) version you are running.

Vulnerable versions of IOS include:

Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. IOS versions based on 12.1 and 12.1E are not vulnerable.

Here's a link to the advisory:

http://www.cisco.com/en/US/customer/products/products_security_advisory09186a00803be77c.shtml

If you are looking at the advisory for the misformed packet when the command "bgp log-neighbor-changes" is enabled, you are likely vulnerable as all versions of IOS are vulnerable up to this point. You would need to upgrade to at least 12.1(26) to address this vulnerability if you plan to stay in the 12.1 train of IOS. You can also address this issue by removing the neighbor change logging by issuing the command "no bgp log-neighbor-changes" under your "router bgp" configuration. There are also a few other things listed in the workarounds section of the advisory. Here is a link to the advisory:

http://www.cisco.com/en/US/customer/products/products_security_advisory09186a00803be7d9.shtml

HTH,

Steve
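The checks described in the reply above, written out as an added example (not part of the original thread and not Cisco code): it splits an IOS version string into base release, maintenance number and train letters, then applies only the rules stated in the reply. The function names, status strings and sample configuration are assumptions, as is the premise that "bgp log-neighbor-changes" shows in the running configuration whenever it is enabled.

```python
import re

# Rules below are transcribed from the reply above, not from the advisories themselves.
MPLS_VULNERABLE = {"12.1T", "12.2", "12.2T", "12.3", "12.3T"}
MPLS_NOT_VULNERABLE = {"12.1", "12.1E"}
LOGGING_FIXED_IN_12_1 = 26  # "at least 12.1(26)" when staying in the 12.1 train

_VERSION = re.compile(r"^(\d+\.\d+)\((\d+)[a-z]?\)([A-Z]*)\d*$")

def parse_ios(version):
    """'12.2(15)T9' -> ('12.2', 15, 'T'): base release, maintenance number, train letters."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised IOS version string: {version!r}")
    return m.group(1), int(m.group(2)), m.group(3)

def mpls_bgp_status(version):
    """Status for the malformed-BGP-packet advisory on MPLS-capable systems."""
    base, _, letters = parse_ios(version)
    train = base + letters
    if train in MPLS_VULNERABLE:
        return "vulnerable"
    if train in MPLS_NOT_VULNERABLE:
        return "not vulnerable"
    return "check advisory"  # train not named in the reply

def neighbor_logging_enabled(running_config):
    """True if 'bgp log-neighbor-changes' appears inside a 'router bgp' block."""
    in_bgp = False
    for line in running_config.splitlines():
        if not line.startswith(" "):  # an unindented line starts a new section
            in_bgp = line.startswith("router bgp ")
        elif in_bgp and line.strip() == "bgp log-neighbor-changes":
            return True
    return False

def logging_status(version, running_config):
    """Status for the 'bgp log-neighbor-changes' advisory."""
    if not neighbor_logging_enabled(running_config):
        return "workaround applied"
    base, maint, letters = parse_ios(version)
    if base + letters == "12.1":
        return "fixed" if maint >= LOGGING_FIXED_IN_12_1 else "vulnerable"
    return "check advisory"  # fixed release for this train is not given in the reply

# Constructed sample configuration (hypothetical, not from the thread).
SAMPLE_CONFIG = """hostname edge1
!
router bgp 65000
 bgp log-neighbor-changes
 neighbor 192.0.2.1 remote-as 65001
!
"""
```

For the 12.1(5) release in the question, `mpls_bgp_status` returns "not vulnerable", while `logging_status` returns "vulnerable" as long as the logging command is still configured.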

Steve, thanks for your response.

I was in fact referring to the advisory for the misformed packet when the command "bgp log-neighbor-changes" is enabled and was planning on removing this command as a means of fixing that.

Thanks a lot again.