all InfoSec news
VU#347067: Multiple BGP implementations are vulnerable to improperly formatted BGP updates
Sept. 12, 2023, 4:36 p.m. |
CERT Recently Published Vulnerability Notes kb.cert.org
Overview
Multiple BGP implementations have been identified as vulnerable to specially crafted Path Attributes of a BGP UPDATE. Instead of ignoring invalid updates they reset the underlying TCP connection for the BGP session and de-peer the router.
This is undesirable because a session reset impacts not only routes with the BGP UPDATE but also the other valid routes exchanged over the session. RFC 7606 Introduction
Description
The Border Gateway Protocol (BGP, RFC 4271) is a widely used inter-Autonomous System …
attributes bgp path reset router session tcp update updates vulnerable
More from kb.cert.org / CERT Recently Published Vulnerability Notes
VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks
4 weeks, 1 day ago |
kb.cert.org
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
SITEC- Systems Security Administrator- Camp HM Smith
@ Peraton | Camp H.M. Smith, HI, United States
Cyberspace Intelligence Analyst
@ Peraton | Fort Meade, MD, United States
General Manager, Cybersecurity, Google Public Sector
@ Google | Virginia, USA; United States
Cyber Security Advisor
@ H&M Group | Stockholm, Sweden
Engineering Team Manager – Security Controls
@ H&M Group | Stockholm, Sweden