On 8/2/13, Aled Morris <aledm@qix.co.uk> wrote:
Cisco published an advisory on an OSPF vulnerability yesterday I think. I assume it's related.

OSPF is a dynamic routing protocol. It automatically discovers neighbors on a multi-access segment claiming to be routers.
In what way could it possibly be unexpected that an attacker can pose as a router and inject false routes, if an attacker is able to emit multicast to the OSPF multicast address onto a LAN speaking OSPF? That's not news to me, but fully expected. Do the vendors /really/ have a code fix for what would seem to be an inherent problem, if you failed to properly secure your OSPF implementation (via MD5 authentication)?
OSPFv3 is not vulnerable, and connections protected by MD5 are safe too, apparently.
Aled

--
-JH
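Added example, not part of the original message: a small audit that reads the AuType field of the OSPFv2 common header (RFC 2328, A.3.1) to tell which speakers on a segment run without the cryptographic authentication the thread refers to. The function names, router IDs and sample headers are constructed for illustration.

```python
import socket
import struct

# OSPFv2 common header (RFC 2328, A.3.1), 24 bytes:
# version, type, packet length, router ID, area ID, checksum, AuType, 8 auth bytes
OSPF_HDR = struct.Struct("!BBH4s4sHH8s")
AUTH_NAMES = {0: "null", 1: "simple-password", 2: "cryptographic"}
PKT_TYPES = {1: "hello", 2: "db-description", 3: "ls-request",
             4: "ls-update", 5: "ls-ack"}


def audit_ospf_header(payload: bytes) -> dict:
    """Parse the OSPF header of an IP protocol 89 payload and report its auth type."""
    if len(payload) < OSPF_HDR.size:
        raise ValueError("truncated OSPF header")
    version, ptype, _length, rid, area, _cksum, autype, auth = OSPF_HDR.unpack_from(payload)
    if version != 2:
        raise ValueError(f"not OSPFv2 (version={version})")
    finding = {
        "type": PKT_TYPES.get(ptype, f"unknown({ptype})"),
        "router_id": socket.inet_ntoa(rid),
        "area": socket.inet_ntoa(area),
        "auth": AUTH_NAMES.get(autype, f"unknown({autype})"),
        # AuType 1 carries the password in cleartext, so only AuType 2 counts here
        "crypto_auth": autype == 2,
    }
    if autype == 2:
        # Auth field layout: 2 zero bytes, key ID, digest length, sequence number.
        # A 16-byte digest is what keyed MD5 (RFC 2328, Appendix D) produces.
        _zero, key_id, digest_len, seq = struct.unpack("!HBBI", auth)
        finding.update(key_id=key_id, digest_len=digest_len, seq=seq)
    return finding


def build_header(ptype, rid, area, autype, auth=b"\x00" * 8):
    """Build a constructed sample header (checksum left at 0, not a valid packet)."""
    return OSPF_HDR.pack(2, ptype, OSPF_HDR.size, socket.inet_aton(rid),
                         socket.inet_aton(area), 0, autype, auth)


# Constructed samples: a hello with null auth, and one with key ID 1 and a 16-byte digest
SAMPLE_NULL = build_header(1, "192.0.2.1", "0.0.0.0", 0)
SAMPLE_MD5 = build_header(1, "192.0.2.2", "0.0.0.0", 2,
                          struct.pack("!HBBI", 0, 1, 16, 1000))

if __name__ == "__main__":
    for pkt in (SAMPLE_NULL, SAMPLE_MD5):
        print(audit_ospf_header(pkt))
```

The check only reports what the header declares; it does not verify the appended digest, which requires the shared key.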