CVE-2009-1154 Information

Description

Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message as demonstrated by a message with many AS numbers in the AS Path Attribute.

Reference

http://securitytracker.com/id?1022756 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml