A denial-of-service vulnerability exists in the Hot Standby Router Protocol (HSRP) .
HSRP is a protocol designed to provide transparent recovery of routing services when failures occur. Quoting from RFC2281 (the RFC describing the Hot Standby Router Protocol):
The Hot Standby Router Protocol, HSRP, provides a mechanism which is designed to support nondisruptive failover of IP traffic in certain circumstances. In particular, the protocol protects against the failure of the first hop router when the source host cannot learn the IP address of the first hop router dynamically. The protocol is designed for use over multi-access, multicast or broadcast capable LANs (e.g., Ethernet). HSRP is not intended as a replacement for existing dynamic router discovery mechanisms and those protocols should be used instead whenever possible . A large class of legacy host implementations that do not support dynamic discovery are capable of configuring a default router. HSRP provides failover services to those hosts.
An attacker located on the same LAN segment as the routers using HSRP can disrupt legitimate network traffic resulting in a denial-of-service attack against the network infrastructure for which the participating routers are responsible for.
The CERT/CC is currently unaware of a practical solution to this problem.
The CERT/CC thanks Cisco Systems for their help in understanding this vulnerability.
This document was written by Ian A. Finlay.
|Date First Published:||2001-12-13|
|Date Last Updated:||2001-12-18 13:47 UTC|