CVE-2009-2049 - OpenCVE

Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:H/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios Ios Xe

Configuration 1 [-]

OR	cpe:2.3:o:cisco:ios:12.0\(32\)s12:::::::*
	cpe:2.3:o:cisco:ios:12.0\(32\)s13:::::::*
	cpe:2.3:o:cisco:ios:12.0\(32\)sy8:::::::*
	cpe:2.3:o:cisco:ios:12.0\(32\)sy9:::::::*
	cpe:2.3:o:cisco:ios:12.0\(33\)s3:::::::*
	cpe:2.3:o:cisco:ios:12.0\(33\)s4:::::::*
	cpe:2.3:o:cisco:ios:12.2\(33\)sxi1:::::::*
	cpe:2.3:o:cisco:ios:12.2\(33\)sxi2:::::::*
	cpe:2.3:o:cisco:ios:12.2xnc:::::::*
	cpe:2.3:o:cisco:ios:12.2xnd:::::::*
	cpe:2.3:o:cisco:ios:12.4\(24\)t1:::::::*
	cpe:2.3:o:cisco:ios_xe:2.3:::::::*
	cpe:2.3:o:cisco:ios_xe:2.3.1t:::::::*
	cpe:2.3:o:cisco:ios_xe:2.4:::::::*
	cpe:2.3:o:cisco:ios_xe:2.4.0:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/36046
http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml
http://www.securityfocus.com/bid/35860
http://www.securitytracker.com/id?1022619
http://www.vupen.com/english/advisories/2009/2082
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6853

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2009-07-30T18:00:00

Updated: 2024-08-07T05:36:20.958Z

Reserved: 2009-06-12T00:00:00

Link: CVE-2009-2049

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-07-30T18:30:00.233

Modified: 2017-09-29T01:34:42.670

Link: CVE-2009-2049

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-07-29T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20090729 Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml"}, {"name": "oval:org.mitre.oval:def:6853", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6853"}, {"name": "36046", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/36046"}, {"name": "ADV-2009-2082", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/2082"}, {"name": "1022619", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022619"}, {"name": "35860", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35860"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-2049", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20090729 Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml"}, {"name": "oval:org.mitre.oval:def:6853", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6853"}, {"name": "36046", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36046"}, {"name": "ADV-2009-2082", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/2082"}, {"name": "1022619", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022619"}, {"name": "35860", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35860"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:36:20.958Z"}, "title": "CVE Program Container", "references": [{"name": "20090729 Cisco IOS Software Border Gateway Protocol 4-Byte Autonomous System Number Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml"}, {"name": "oval:org.mitre.oval:def:6853", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6853"}, {"name": "36046", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/36046"}, {"name": "ADV-2009-2082", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/2082"}, {"name": "1022619", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1022619"}, {"name": "35860", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/35860"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-2049", "datePublished": "2009-07-30T18:00:00", "dateReserved": "2009-06-12T00:00:00", "dateUpdated": "2024-08-07T05:36:20.958Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.0\\(32\\)s12:*:*:*:*:*:*:*", "matchCriteriaId": "7F505B0A-E9E0-4CF3-B85B-70EEE71314F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.0\\(32\\)s13:*:*:*:*:*:*:*", "matchCriteriaId": "ED66A91B-6429-4983-8167-07DECA601916", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.0\\(32\\)sy8:*:*:*:*:*:*:*", "matchCriteriaId": "0F288884-3DB7-474D-B56B-120E2DB7975A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.0\\(32\\)sy9:*:*:*:*:*:*:*", "matchCriteriaId": "A29860C6-75E6-43A4-8BF5-E6ABF2040B0F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.0\\(33\\)s3:*:*:*:*:*:*:*", "matchCriteriaId": "AF0C8019-BDDA-4019-AF64-352EFFAC9036", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.0\\(33\\)s4:*:*:*:*:*:*:*", "matchCriteriaId": "9BCFE974-9D9A-443D-A55D-6A2CBF96EC4D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi1:*:*:*:*:*:*:*", "matchCriteriaId": "4627BEF7-CEEB-4CBC-8620-4D9C5A7F7C30", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi2:*:*:*:*:*:*:*", "matchCriteriaId": "866E9A29-97D8-41E1-81BE-73FAF1B5E2DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2xnc:*:*:*:*:*:*:*", "matchCriteriaId": "5D57ACB3-4ADC-4FBE-BA46-395F277B9997", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2xnd:*:*:*:*:*:*:*", "matchCriteriaId": "E2916FA5-1FFF-48FB-A079-693AD3444CC1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4\\(24\\)t1:*:*:*:*:*:*:*", "matchCriteriaId": "2A6AD6E5-EBB0-44D8-A63C-EFF7260E4CC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "91895083-E6C5-432A-BF41-8D157E539C14", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:2.3.1t:*:*:*:*:*:*:*", "matchCriteriaId": "57F6EF3B-2F31-4449-9B2A-9114D41BBC6A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "4964AB2C-E255-4844-8DD9-FFFC9512B7C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6D0B52CA-3834-4435-A3E1-9684A41E6405", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973."}, {"lang": "es", "value": "Cisco IOS v12.0(32)S12 hasta v12.0(32)S13 y v12.0(33)S3 hasta v12.0(33)S4, v12.0(32)SY8 hasta v12.0(32)SY9, v12.2(33)SXI1 hasta v12.2(33)SXI2, v12.2XNC hasta v12.2(33)XNC2, v12.2XND hasta v12.2(33)XND1, y v12.4(24)T1; y IOS XE v2.3 hasta v2.3.1t y v2.4 hasta v2.4.0; cuando el enrutado RFC4893 BGP est\u00e1 habilitado, lo que permite a los atacantes remoto causar una denegaci\u00f3n de servicio (recarga del dispositivo) usando un par RFC4271 para enviar una actualizaci\u00f3n malformado, tambi\u00e9n conocido como Bud ID CSCta33973."}], "id": "CVE-2009-2049", "lastModified": "2017-09-29T01:34:42.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 5.4, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-07-30T18:30:00.233", "references": [{"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/36046"}, {"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080aea4c9.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/35860"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1022619"}, {"source": "ykramarz@cisco.com", "url": "http://www.vupen.com/english/advisories/2009/2082"}, {"source": "ykramarz@cisco.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6853"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-16"}], "source": "nvd@nist.gov", "type": "Primary"}]}