Nortel Networks, Inc. Information for VU#415294

The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements



Vendor Statement

Nortel Networks has evaluated this issue and testing has confirmed that it is possible to successfully exploit this vulnerability. However, the preconditions for a successful exploitation require levels of access to the network that are unlikely to be achieved in a normal network operating environment; furthermore, such levels of access would enable other forms of attack with much greater impact than that achievable by exploiting this vulnerability.

Nortel Networks is continuing to validate that this vulnerability has no serious consequences for Nortel equipment, and will update this statement periodically.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.