Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is (C) 2010-2018 Tenable Network Security, Inc.CISCO-SA-20020508-NTP-VULNERABILITYHTTP.NASL
HistorySep 01, 2010 - 12:00 a.m.

NTP Vulnerability - Cisco Systems

2010-09-0100:00:00
This script is (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com
20
JSON

Network Time Protocol (NTP) is used to synchronize time on multiple devices. A vulnerability has been discovered in the NTP daemon query processing functionality. This vulnerability has been publicly announced.

Other Cisco software applications may run on Solaris platforms and where those products have not specifically been identified, customers should install security patches regularly in accordance with their normal maintenance procedures. Cisco is continuing to research this issue in other products that may be affected. Unless explicitly stated otherwise, all other products are considered to be unaffected. There are workarounds available to mitigate the effects.

#
# (C) Tenable Network Security, Inc.
#
# Security advisory is (C) CISCO, Inc.
# See https://www.cisco.com/en/US/products/products_security_advisory09186a00800b13d9.shtml

if (NASL_LEVEL < 3000) exit(0);

include("compat.inc");

if (description)
{
 script_id(48965);
 script_version("1.12");
 script_cve_id("CVE-2001-0414");
 script_bugtraq_id(2540);
 script_xref(name:"CERT", value:"970472");
 script_xref(name:"CISCO-BUG-ID", value:"CSCdt93866");
 script_xref(name:"CISCO-BUG-ID", value:"CSCdw35704");
 script_xref(name:"CISCO-SA", value:"cisco-sa-20020508-ntp-vulnerability");

 script_name(english:"NTP Vulnerability - Cisco Systems");
 script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch" );
 script_set_attribute(attribute:"description", value:
'Network Time Protocol (NTP) is used to synchronize time on multiple
devices. A vulnerability has been discovered in the NTP daemon query
processing functionality. This vulnerability has been publicly
announced. 

Other Cisco software applications may run on Solaris platforms and
where those products have not specifically been identified, customers
should install security patches regularly in accordance with their
normal maintenance procedures. 
Cisco is continuing to research this issue in other products that may
be affected. Unless explicitly stated otherwise, all other products are
considered to be unaffected. 
There are workarounds available to mitigate the effects. 
');
 # https://web.archive.org/web/20120309093308/http://archives.neohapsis.com/archives/bugtraq/2001-04/0041.html
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?b4069e30");
 # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020508-ntp-vulnerability
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?033c44be");
 # https://www.cisco.com/en/US/products/products_security_advisory09186a00800b13d9.shtml
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?631deffd");
 script_set_attribute(attribute:"solution", value:
"Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20020508-ntp-vulnerability."
 );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"metasploit_name", value:'NTP Daemon readvar Buffer Overflow');
 script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value: "local");
 script_set_attribute(attribute:"cpe", value: "cpe:/o:cisco:ios");
 script_set_attribute(attribute:"vuln_publication_date", value: "2001/04/04");
 script_set_attribute(attribute:"patch_publication_date", value: "2002/05/08");
 script_set_attribute(attribute:"plugin_publication_date", value: "2010/09/01");
 script_cvs_date("Date: 2018/11/15 20:50:20");

 script_end_attributes();
 script_summary(english:"Uses SNMP to determine if a flaw is present");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is (C) 2010-2018 Tenable Network Security, Inc.");
 script_family(english:"CISCO");
 script_dependencie("cisco_ios_version.nasl");
 script_require_keys("Host/Cisco/IOS/Version");
 exit(0);
}
include("cisco_func.inc");

#

version = get_kb_item_or_exit("Host/Cisco/IOS/Version");

# Affected: 10.3
if (deprecated_version(version, '10.3')) {
  security_hole(port:0, extra: '\nNo updates are scheduled for 10.3. Upgrade to a supported version\n'); exit(0);
}
# Affected: 11.0
if (deprecated_version(version, '11.0')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.1
if (deprecated_version(version, '11.1')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.1AA
if (deprecated_version(version, '11.1AA')) {
  security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 11.1CA
if (deprecated_version(version, '11.1CA')) {
  security_hole(port:0, extra: '\nNo updates are scheduled for 11.1CA. Upgrade to a supported version\n'); exit(0);
}
# Affected: 11.1CC
if (deprecated_version(version, '11.1CC')) {
  security_hole(port:0, extra: '\nNo updates are scheduled for 11.1CC. Upgrade to a supported version\n'); exit(0);
}
# Affected: 11.1CT
if (deprecated_version(version, '11.1CT')) {
  security_hole(port:0, extra: '\nNo updates are scheduled for 11.1CT. Upgrade to a supported version\n'); exit(0);
}
# Affected: 11.1IA
if (deprecated_version(version, '11.1IA')) {
  security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 11.2
if (deprecated_version(version, '11.2')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.2BC
if (deprecated_version(version, '11.2BC')) {
  security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 11.2F
if (deprecated_version(version, '11.2F')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.2GS
if (deprecated_version(version, '11.2GS')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.2P
if (deprecated_version(version, '11.2P')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.2SA
if (deprecated_version(version, '11.2SA')) {
  security_hole(port:0, extra: '\nUpdate to 12.0W or later\n'); exit(0);
}
# Affected: 11.2WA4
if (deprecated_version(version, '11.2WA') && version =~ 'WA4') {
  security_hole(port:0, extra: '\nUpdate to 12.0W or later\n'); exit(0);
}
# Affected: 11.2XA
if (deprecated_version(version, '11.2XA')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.3
if (deprecated_version(version, '11.3')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.3AA
if (deprecated_version(version, '11.3AA')) {
  security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 11.3DA
if (deprecated_version(version, '11.3DA')) {
  security_hole(port:0, extra: '\nUpdate to 12.3 or later\n'); exit(0);
}
# Affected: 11.3DB
if (deprecated_version(version, '11.3DB')) {
  security_hole(port:0, extra: '\nUpdate to 12.2B or later\n'); exit(0);
}
# Affected: 11.3HA
if (deprecated_version(version, '11.3HA')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.3MA
if (deprecated_version(version, '11.3MA')) {
  security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 11.3NA
if (deprecated_version(version, '11.3NA')) {
  security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 11.3T
if (deprecated_version(version, '11.3T')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.3XA
if (deprecated_version(version, '11.3XA')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23) or later\n'); exit(0);
}
# Affected: 11.3WA4
if (deprecated_version(version, '11.3WA') && version =~ 'WA4') {
  security_hole(port:0, extra: '\nUpdate to 12.0WA or later\n'); exit(0);
}
# Affected: 12.0
if (check_release(version: version,
                  patched: make_list("12.0(22.4)", "12.0(23)"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.0DA
if (deprecated_version(version, '12.0DA')) {
  security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.0DB
if (deprecated_version(version, '12.0DB')) {
  security_hole(port:0, extra: '\nUpdate to 12.2(15)B or later\n'); exit(0);
}
# Affected: 12.0DC
if (deprecated_version(version, '12.0DC')) {
  security_hole(port:0, extra: '\nUpdate to 12.2(15)B or later\n'); exit(0);
}
# Affected: 12.0S
if (check_release(version: version,
                  patched: make_list("12.0(16)S9", "12.0(21)S3", "12.0(21.4)S", "12.0(22.3)S1", "12.0(22)S"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.0SC
if (deprecated_version(version, '12.0SC')) {
  security_hole(port:0, extra: '\nUpdate to 12.1(13)EC1 or later\n'); exit(0);
}
# Affected: 12.0SL
if (deprecated_version(version, '12.0SL')) {
  security_hole(port:0, extra: '\nUpdate to 12.0(23)S3 or later\n'); exit(0);
}
# Affected: 12.0SP
if (check_release(version: version,
                  patched: make_list("12.0(21)SP1") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.0ST
if (check_release(version: version,
                  patched: make_list("12.0(21)ST3") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.0SY
if (check_release(version: version,
                  patched: make_list("12.0(21.4)SY", "12.0(22)SY"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.0T
if (deprecated_version(version, '12.0T')) {
  security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0W
if (
  'W5' >< version && # avoid flagging releases like W4
  check_release(version: version, patched: make_list("12.0(24)W5(26)", "12.0(24)W5(26a)", "12.0(25)W5(27)") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.0WC
if (check_release(version: version,
                  patched: make_list("12.0(5)WC5a") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.0WT
if (deprecated_version(version, "12.0WT")) {
 security_hole(port:0, extra: '\n12.1T releases are vulnerable. Contact Cisco for a fix\n'); exit(0);
}
# Affected: 12.0XA
if (deprecated_version(version, "12.0XA")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XB
if (deprecated_version(version, "12.0XB")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XC
if (deprecated_version(version, "12.0XC")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XD
if (deprecated_version(version, "12.0XD")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XE
if (deprecated_version(version, "12.0XE")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(8b)E14 or later\n'); exit(0);
}
# Affected: 12.0XF
if (deprecated_version(version, "12.0XF")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XG
if (deprecated_version(version, "12.0XG")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XH
if (deprecated_version(version, "12.0XH")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XI
if (deprecated_version(version, "12.0XI")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XJ
if (deprecated_version(version, "12.0XJ")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0(5)XK
if (version == '12.0(5)XK') {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0(7)XK
if (version == '12.0(7)XK') {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.0XL
if (deprecated_version(version, "12.0XL")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XM
if (deprecated_version(version, "12.0XM")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.0XN
if (deprecated_version(version, "12.0XN")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XP
if (deprecated_version(version, "12.0XP")) {
 security_hole(port:0, extra: '\nUpdate to 12.0(5)WC5a or later\n'); exit(0);
}
# Affected: 12.0XQ
if (deprecated_version(version, "12.0XQ")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(16) or later\n'); exit(0);
}
# Affected: 12.0XR
if (deprecated_version(version, "12.0XR")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.0XS
if (deprecated_version(version, "12.0XS")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(8b)E14 later\n'); exit(0);
}
# Affected: 12.0XU
if (deprecated_version(version, "12.0XU")) {
 security_hole(port:0, extra: '\nUpdate to 12.0(05)WC05a or later\n'); exit(0);
}
# Affected: 12.0XV
if (deprecated_version(version, "12.0XV")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1
if (check_release(version: version,
                  patched: make_list("12.1(15.3)", "12.1(16)"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.1AA
if (deprecated_version(version, "12.1AA")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1DA
if (deprecated_version(version, "12.1DA")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.1DB
if (deprecated_version(version, "12.1DB")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(15)B or later\n'); exit(0);
}
# Affected: 12.1DC
if (deprecated_version(version, "12.1DC")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(15)B or later\n'); exit(0);
}
# Affected: 12.1E
if (check_release(version: version,
                  patched: make_list("12.1(12c)E1", "12.1(8b)E14", "12.1(12.5)E", "12.1(18.1)E", "12.1(19)E"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.1EA
if (check_release(version: version,
                  patched: make_list("12.1(11)EA1"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.1EC
if (check_release(version: version,
                  patched: make_list("12.1(12.5)EC", "12.1(13)EC1"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.1EV
# need to do two calls to check_release() to account for deficiencies in the library
# alternatively, checking everything < 12.1(10)EV4 excluding 12.1(10)EV1b might be an acceptable approach
if (
  check_release(version: version, patched: make_list("12.1(10)EV1b")) ||
  check_release(version: version, patched: make_list("12.1(10)EV4"), oldest:'12.1(10)EV1c')) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.1EW
if (check_release(version: version,
                  patched: make_list("12.1(12c)EW"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.1(1)EX
if (version == '12.1(1)EX') {
 security_hole(port:0, extra: '\nUpdate to 12.1(8b)E14 or later\n'); exit(0);
}
# Affected: 12.1(10)EX
if (version == '12.1(10)EX') {
 security_hole(port:0, extra: '\nUpdate to 12.1(13)EX or later\n'); exit(0);
}
if (deprecated_version(version, "12.1EY")) {
 security_hole(port:0, extra: '\nUpdate to 12.1(19)E or later\n'); exit(0);
}
# Affected: 12.1EZ
if (check_release(version: version,
                  patched: make_list("12.1(6)EZ8") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.1T
if (deprecated_version(version, "12.1T")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XA
if (deprecated_version(version, "12.1XA")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XB
if (deprecated_version(version, "12.1XB")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XC
if (deprecated_version(version, "12.1XC")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XD
if (deprecated_version(version, "12.1XD")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XF
if (deprecated_version(version, "12.1XF")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XG
if (deprecated_version(version, "12.1XG")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.1XH
if (deprecated_version(version, "12.1XH")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XI
if (deprecated_version(version, "12.1XI")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XJ
if (deprecated_version(version, "12.1XJ")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XJ. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XK
if (deprecated_version(version, "12.1XK")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XK. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XL
if (deprecated_version(version, "12.1XL")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XM
if (deprecated_version(version, "12.1XM")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.1XP
if (deprecated_version(version, "12.1XP")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XP. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XQ
if (deprecated_version(version, "12.1XQ")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(10) or later\n'); exit(0);
}
# Affected: 12.1XR
if (deprecated_version(version, "12.1XR")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.1XS
if (deprecated_version(version, "12.1XS")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XS. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XT
if (deprecated_version(version, "12.1XT")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XT. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XU
if (deprecated_version(version, "12.1XU")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XU. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XV
if (deprecated_version(version, "12.1XV")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.1XW
if (deprecated_version(version, "12.1XW")) {
 security_hole(port:0, extra: '\nUpdate to 12.3 or later\n'); exit(0);
}
# Affected: 12.1XX
if (deprecated_version(version, "12.1XX")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XX. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XY
if (deprecated_version(version, "12.1XY")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XY. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1XZ
if (deprecated_version(version, "12.1XZ")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1XZ. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1YA
if (deprecated_version(version, "12.1YA")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1YA. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1YB
if (deprecated_version(version, "12.1YB")) {
 security_hole(port:0, extra: '\nNo updates are scheduled for 12.1YB. Upgrade to a supported version\n'); exit(0);
}
# Affected: 12.1YC
if (deprecated_version(version, "12.1YC")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.1YD
if (deprecated_version(version, "12.1YD")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.1YF
if (deprecated_version(version, "12.1YF")) {
 security_hole(port:0, extra: '\nUpdate to 12.3 or later\n'); exit(0);
}
# Affected: 12.2
if (check_release(version: version,
                  patched: make_list("12.2(6g)", "12.2(7.4)", "12.2(10)"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2B
if (check_release(version: version,
                  patched: make_list("12.2(7.6)B", "12.2(15)B"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2BX
if (check_release(version: version,
                  patched: make_list("12.2(15)BX"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2BW
if (check_release(version: version,
                  patched: make_list("12.2(15)BW") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2DA
if (check_release(version: version,
                  patched: make_list("12.2(9.4)DA", "12.2(10)DA"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2S
if (check_release(version: version,
                  patched: make_list("12.2(7.4)S", "12.2(14)S"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2T
if (check_release(version: version,
                  patched: make_list("12.2(7.4)T", "12.2(8)T"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2XA
if (deprecated_version(version, "12.2XA")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.2XB
if (check_release(version: version,
                  patched: make_list("12.2(2)XB7") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2XD
if (deprecated_version(version, "12.2XD")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.2XE
if (deprecated_version(version, "12.2XE")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.2XH
if (deprecated_version(version, "12.2XH")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(8)T or later\n'); exit(0);
}
# Affected: 12.2XQ
if (deprecated_version(version, "12.2XQ")) {
 security_hole(port:0, extra: '\nUpdate to 12.2(11)T or later\n'); exit(0);
}
# Affected: 12.2XZ
if (check_release(version: version,
                  patched: make_list("12.2(4)XZ5") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2YA
if (check_release(version: version,
                  patched: make_list("12.2(4)YA3") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2YC
if (check_release(version: version,
                  patched: make_list("12.2(2)YC4") )) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}
# Affected: 12.2ZN
if (check_release(version: version,
                  patched: make_list("12.2(15)ZN"))) {
 security_hole(port:0, extra: '\nUpdate to ' + patch_update + ' or later\n'); exit(0);
}

exit(0, "The remote host is not affected");
VendorProductVersionCPE
ciscoioscpe:/o:cisco:ios

Related

packetstorm 1
suse 1
nessus 4
cert 2
openvas 3
cisco 1
cve 1
packetstorm
packetstorm
NTPd Buffer Overflow
2009-10-27 00:00:00
suse
suse
remote root compromise in xntp
2016-04-09 22:30:00
nessus
nessus
Network Time Protocol Daemon (ntpd) readvar Variable Overflow RCE
2001-04-10 00:00:00
Debian DSA-045-2 : ntpd - remote root exploit
2004-09-29 00:00:00
Mandrake Linux Security Advisory : ntp (MDKSA-2001:036)
2012-09-06 00:00:00
cert
cert
Cisco Content Services Switch (CSS) permits non-privileged user to enter debug mode
2001-04-28 00:00:00
Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function
2001-04-05 00:00:00
openvas
openvas
NTP < 4.2 DoS Vulnerability
2021-06-21 00:00:00
Debian Security Advisory DSA 045-1 (ntp)
2008-01-17 00:00:00
Debian Security Advisory DSA 045-1 (ntp)
2008-01-17 00:00:00
cisco
cisco
NTP Vulnerability
2002-05-08 16:00:00
cve
cve
CVE-2001-0414
2001-06-18 04:00:00
JSON
Related for CISCO-SA-20020508-NTP-VULNERABILITYHTTP.NASL
packetstorm1suse1nessus4cert2openvas3cisco1cve1