Vulnerability Name:

CVE-2009-2049 (CCN-52135)

Assigned:2009-07-29
Published:2009-07-29
Updated:2017-09-29
Summary:Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.4 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-16
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2009-2049

Source: CCN
Type: SA36046
Cisco IOS Border Gateway Protocol Two Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
36046

Source: CCN
Type: SECTRACK ID: 1022619
Cisco IOS 4-Byte ASN Support Bugs in Processing BGP Updates Let Remote Users Deny Service

Source: CISCO
Type: Patch, Vendor Advisory
20090729 Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities

Source: CCN
Type: cisco-sa-20090729-bgp
Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities

Source: CCN
Type: OSVDB ID: 56705
Cisco IOS Border Gateway Protocol (BGP) Malformed Update Message Remote DoS

Source: BID
Type: UNKNOWN
35860

Source: CCN
Type: BID-35860
Cisco IOS Malformed Border Gateway Protocol Update Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1022619

Source: VUPEN
Type: UNKNOWN
ADV-2009-2082

Source: XF
Type: UNKNOWN
ios-bgp-update-dos(52135)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6853

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios:12.0(32)s12:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(32)s13:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(32)sy8:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(32)sy9:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(33)s3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(33)s4:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2(33)sxi1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2(33)sxi2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2xnc:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2xnd:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(24)t1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.3.1t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.4:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.4.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:ios:12.0(32)s12:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(32)s13:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(33)s3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(33)s4:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(32)sy8:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(32)sy9:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2(33)sxi2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2(33)sxi1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.4:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xe:2.3.1t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2xnd:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2xnc:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(24)t1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:6853
    V
    		Cisco IOS Software BGP Routing Dos Vulnerability
    2013-04-22
    BACK
    cisco ios 12.0(32)s12
    cisco ios 12.0(32)s13
    cisco ios 12.0(32)sy8
    cisco ios 12.0(32)sy9
    cisco ios 12.0(33)s3
    cisco ios 12.0(33)s4
    cisco ios 12.2(33)sxi1
    cisco ios 12.2(33)sxi2
    cisco ios 12.2xnc
    cisco ios 12.2xnd
    cisco ios 12.4(24)t1
    cisco ios xe 2.3
    cisco ios xe 2.3.1t
    cisco ios xe 2.4
    cisco ios xe 2.4.0
    cisco ios 12.0(32)s12
    cisco ios 12.0(32)s13
    cisco ios 12.0(33)s3
    cisco ios 12.0(33)s4
    cisco ios 12.0(32)sy8
    cisco ios 12.0(32)sy9
    cisco ios 12.2(33)sxi2
    cisco ios 12.2(33)sxi1
    cisco ios xe 2.3
    cisco ios xe 2.4.0
    cisco ios xe 2.4
    cisco ios xe 2.3.1t
    cisco ios 12.2xnd
    cisco ios 12.2xnc
    cisco ios 12.4(24)t1