[原文]Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
Cisco IOS, when the routing protocol BGP is enabled, contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed BGP OPEN or UPDATE message is sent, and will result in loss of availability for the platform, including possible reload times of several minutes per instance.
Upgrade to the version appropriate for your installation, as outlined in the vulnerable version matrix provided by Cisco. It is also possible to correct the flaw by implementing the following workaround: configure your router to use BGP MD5 authentication ("BGP password") for each BGP neighbor.