Vulnerability Note VU#229804
Open Shortest Path First (OSPF) Protocol does not specify unique LSA lookup identifiers
The Open Shortest Path First (OSPF) protocol does not specify unique Link State Advertisement (LSA) lookup identifiers, which allows an attacker to intercept traffic or conduct a Denial of Service (DoS) attack.
CWE-694: Use of Multiple Resources with a Duplicate Identifier
The OSPF protocol requires LSAs to be identified by: LS Type, Advertising Router, and Link State ID. However, during the routing table calculation phase, the specification states that an LSA is queried in the LSA database
This vulnerability can allow an attacker to re-route traffic, compromising the confidentiality of the data, or to conduct a denial-of-service attack against a router, dropping all traffic.
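A defender-side audit of the three identifiers named above, as an added example that is not part of the original note or of any vendor's code: it decodes 20-byte LSA headers and reports Router-LSAs whose Link State ID differs from the Advertising Router, plus entries that share LS Type and Link State ID under different Advertising Routers. The header layout and the expectation that a Router-LSA's Link State ID equals its originator's Router ID are taken from RFC 2328, not from this note; the function names and sample data are constructed.

```python
import socket
import struct
from collections import defaultdict

ROUTER_LSA = 1  # LS type 1 (Router-LSA) in RFC 2328
# 20-byte LSA header: age, options, type, link state ID, advertising router,
# sequence number, checksum, length (RFC 2328, A.4.1).
LSA_HEADER = struct.Struct("!HBB4s4sIHH")

def parse_header(raw: bytes) -> dict:
    """Decode one LSA header into the fields that identify the LSA."""
    if len(raw) < LSA_HEADER.size:
        raise ValueError("truncated LSA header")
    age, _opts, ls_type, ls_id, adv, seq, _cksum, _len = LSA_HEADER.unpack_from(raw)
    return {"type": ls_type, "ls_id": socket.inet_ntoa(ls_id),
            "adv_router": socket.inet_ntoa(adv), "seq": seq, "age": age}

def audit_lsdb(headers):
    """Return (mismatched, ambiguous) findings for a list of raw LSA headers."""
    mismatched = []
    by_partial_key = defaultdict(set)
    for raw in headers:
        lsa = parse_header(raw)
        # Full identity is (type, adv_router, ls_id). Grouping on the partial
        # key (type, ls_id) is an assumption of this example: it exposes
        # entries that a lookup ignoring the advertising router would conflate.
        by_partial_key[(lsa["type"], lsa["ls_id"])].add(lsa["adv_router"])
        if lsa["type"] == ROUTER_LSA and lsa["ls_id"] != lsa["adv_router"]:
            mismatched.append(lsa)
    ambiguous = {k: sorted(v) for k, v in by_partial_key.items() if len(v) > 1}
    return mismatched, ambiguous

def make_header(ls_type, ls_id, adv_router, seq=0x80000001):
    """Build a constructed sample header (checksum and length left as 0)."""
    return LSA_HEADER.pack(1, 0x02, ls_type, socket.inet_aton(ls_id),
                           socket.inet_aton(adv_router), seq, 0, 0)

# Constructed sample LSDB: two well-formed Router-LSAs and one whose
# Link State ID does not match its Advertising Router.
SAMPLE = [
    make_header(ROUTER_LSA, "10.0.0.1", "10.0.0.1"),
    make_header(ROUTER_LSA, "10.0.0.2", "10.0.0.2"),
    make_header(ROUTER_LSA, "10.0.0.2", "10.0.0.3", seq=0x80000002),
]

if __name__ == "__main__":
    print(audit_lsdb(SAMPLE))
```

Either finding on a production router is a reason to check the vendor's status in the table below and the installed software version.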
Vendor Information
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Brocade | Affected | 13 Jun 2013 | 05 Aug 2013 |
| Check Point Software Technologies | Affected | 28 May 2013 | 16 Oct 2013 |
| Cisco Systems, Inc. | Affected | 22 May 2013 | 05 Aug 2013 |
| D-Link Systems, Inc. | Affected | 28 May 2013 | 05 Aug 2013 |
| Enterasys Networks | Affected | 28 May 2013 | 19 Aug 2013 |
| Extreme Networks | Affected | 28 May 2013 | 30 Jul 2013 |
| IBM Corporation | Affected | 28 May 2013 | 05 Aug 2013 |
| Juniper Networks, Inc. | Affected | 10 May 2013 | 03 Dec 2013 |
| NEC Corporation | Affected | 28 May 2013 | 10 Sep 2013 |
| Oracle Corporation | Affected | 28 May 2013 | 16 Oct 2013 |
| Vyatta | Affected | 10 May 2013 | 05 Aug 2013 |
| Yamaha Corporation | Affected | 28 May 2013 | 05 Aug 2013 |
| ACME Packet | Not Affected | 28 May 2013 | 18 Jul 2013 |
| Buffalo Inc | Not Affected | 30 May 2013 | 12 Sep 2013 |
| eSoft, Inc. | Not Affected | 28 May 2013 | 30 Jul 2013 |
Thanks to Dr. Gabi Nakibly for reporting this vulnerability.
This document was written by Chris King.
- CVE IDs: CVE-2013-0149
- Date Public: 01 Aug 2013
- Date First Published: 01 Aug 2013
- Date Last Updated: 06 Dec 2013
- Document Revision: 58