Nortel Networks, Inc. Information for VU#415294
The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 28 Apr 2004
Nortel Networks has evaluated this issue and testing has confirmed that it is possible to successfully exploit this vulnerability. However, the preconditions for a successful exploitation require levels of access to the network that are unlikely to be achieved in a normal network operating environment; furthermore, such levels of access would enable other forms of attack with much greater impact than that achievable by exploiting this vulnerability.
Nortel Networks is continuing to validate that this vulnerability has no serious consequences for Nortel equipment, and will update this statement periodically.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.