ID CVE-2013-6982 Type cve Reporter NVD Modified 2017-08-28T21:34:02
Description
The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174.
{"cisco": [{"lastseen": "2017-09-26T15:33:57", "_object_types": ["robots.models.base.Bulletin", "robots.models.cisco.CiscoBulletin"], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140106-CVE-2013-6982"], "description": "A vulnerability in the Border Gateway Protocol (BGP) functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause all BGP sessions on the device to reset.\n\nThe vulnerability is due to the improper processing of specifically crafted BGP update messages. An attacker could exploit this vulnerability by crafting a specific BGP-labeled update message. An exploit could allow the attacker to cause all the BGP peers on a Cisco NX-OS device that are configured with either a VPNv4, VPNv6, or IPv6 labeled unicast address family to reset.\n\nCisco has confirmed the vulnerability in a security notice and released software updates.\n\nTo exploit this vulnerability, it is likely that an attacker would need access to trusted, internal networks in order to send crafted BGP update messages to be processed by the targeted device. This access requirement may reduce the likelihood of a successful exploit.\n\nCisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.", "reporter": "Cisco", "published": "2014-01-06T21:54:40", "type": "cisco", "title": "Cisco NX-OS Software Crafted Border Gateway Protocol Update Message Denial of Service Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Cisco NX-OS Software", "version": "any", "operator": "eq"}], "cvelist": ["CVE-2013-6982"], "_object_type": "robots.models.cisco.CiscoBulletin", "modified": "2014-01-06T21:54:25", "id": "CISCO-SA-20140106-CVE-2013-6982", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140106-CVE-2013-6982", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-10-22T16:40:44", "references": ["http://www.securityfocus.com/bid/64670", "https://tools.cisco.com/bugsearch/bug/CSCuj03174"], "pluginID": "1361412562310103879", "description": "Cisco NX-OS is prone to denial-of-service vulnerability because it\nfails to properly handle the BGP updates.", "edition": 8, "reporter": "This script is Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-01-13T00:00:00", "title": "Cisco NX-OS BGP Message Denial of Service Vulnerability", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CISCO", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-6982"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310103879", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103879", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_cisco_nx_os_64670.nasl 11867 2018-10-12 10:48:11Z cfischer $\n#\n# Cisco NX-OS BGP Message Denial of Service Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103879\");\n script_bugtraq_id(64670);\n script_cve_id(\"CVE-2013-6982\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 11867 $\");\n\n script_name(\"Cisco NX-OS BGP Message Denial of Service Vulnerability\");\n\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/64670\");\n script_xref(name:\"URL\", value:\"https://tools.cisco.com/bugsearch/bug/CSCuj03174\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:48:11 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-13 10:35:00 +0100 (Mon, 13 Jan 2014)\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_nx_os_version.nasl\");\n script_mandatory_keys(\"cisco_nx_os/version\", \"cisco_nx_os/model\", \"cisco_nx_os/device\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit this issue to cause all BGP sessions on the\ndevice to reset, denying service to legitimate users.\");\n script_tag(name:\"vuldetect\", value:\"Check the NX OS version.\");\n script_tag(name:\"insight\", value:\"This issue is being tracked by Cisco Bug ID CSCuj03174.\");\n script_tag(name:\"solution\", value:\"Updates are available.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Cisco NX-OS is prone to denial-of-service vulnerability because it\nfails to properly handle the BGP updates.\");\n script_tag(name:\"affected\", value:\"Cisco Nexus 7000 running NX-OS 6.2(2)S27\");\n\n exit(0);\n}\n\nif( ! device = get_kb_item( \"cisco_nx_os/device\" ) ) exit( 0 );\nif( \"Nexus\" >!< device ) exit( 0 );\n\nif ( ! nx_model = get_kb_item( \"cisco_nx_os/model\" ) ) exit( 0 );\nif ( ! nx_ver = get_kb_item( \"cisco_nx_os/version\" ) ) exit( 0 );\n\nif ( nx_model !~ \"^7\" )exit(99);\n\nif ( nx_ver == \"6.2(2)S27\" )\n{\n security_message(port:0, data:'Installed Version: ' + nx_ver + '\\nFixed Version: 7.0(0)ZD(0.132)');\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}
