On (2013-08-04 05:01 -0500), Jimmy Hess wrote:
I would say the risk score of the advisory is overstated. And if you think "ospf is secure" against LAN activity after any patch, that would be wishful thinking. Someone just rediscovered one of the countless innumerable holes in the back of the cardboard box and tried covering it with duck tape...
I tend to agree. OTOH I'm not 100% sure if it's unexploitable outside LAN via unicast OSPF packets. But like you say MD5 offers some level of protection. I wish there would be some KDF for IGP KARP so that each LSA would actually have unique not-to-be-repeated password, so even if someone gets copy of one LSA and calculates out the MD5 it won't be relevant anymore. L2 is very dangerous in any platform I've tried, access to L2 and you can usually DoS the neighbouring router, even when optimally configured CoPP/Lo0 filter. -- ++ytti