OSPF Vulnerability - Owning the Routing Table

Jimmy Hess mysidia at gmail.com
Sat Aug 3 23:38:39 UTC 2013

On 8/2/13, Aled Morris <aledm at qix.co.uk> wrote:
> Cisco published an advisory on OSPF vulnerability yesterday I think.  I
> assume it's related.
OSPF is a dynamic routing protocol.  It automatically discovers
neighbors on a multi-access segment claiming to be routers.

In what way could it possibly be unexpected that an attacker can pose
as a router and inject false routes;  if an attacker able to emit
multicast to OSPF multicast address onto a LAN speaking OSPF?

That's not news to me, but fully expected.
Do the vendors /really/  have a code fix to  what would seem to be an
inherent problem;  if you failed to properly secure your OSPF
implementation (via MD5 authentication)?

> OSPFv3 is not vulnerable, and connections protected by MD5 are safe too,
> apparently.
> Aled

More information about the NANOG mailing list