Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Cisco sgbp DoS - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco sgbp DoS

Cisco published a report about a DoS condition on some of their routers.

It is situated in the Stack Group Bidding Protocol (sgbp) wich is used to enable bandwidth on demand using Multilink PPP (MLP).

Full details at cisco

To summarize:

  • Not vulnerable if the router does not support sgbp or if it is not configured (so #show sgbp should give no output or a syntax error message).
  • Workarounds are listed with ACLs to protect UDP/9900 on the affected routers.
  • Upgrade to fix it
  • Traffic to UDP/9900 might now be DoS attempts.
--
Swa Frantzen
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!