Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is (C) 2010-2018 Tenable Network Security, Inc.CISCO-SA-20070522-CRYPTO.NASL
HistorySep 01, 2010 - 12:00 a.m.

Vulnerability In Crypto Library - Cisco Systems

2010-09-0100:00:00
This script is (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com
8
JSON

A vulnerability has been discovered in a third-party cryptographic library that is used by a number of Cisco products. This vulnerability may be triggered when a malformed Abstract Syntax Notation One (ASN.1) object is parsed. Due to the nature of the vulnerability it may be possible, in some cases, to trigger this vulnerability without a valid certificate or valid application-layer credentials (such as a valid username or password). Successful, repeated exploitation of any of these vulnerabilities may lead to a sustained denial of service (DoS);
however, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker to decrypt any previously encrypted information. Cisco has made free software available to address this vulnerability for affected customers. There are no workarounds available to mitigate the effects of the vulnerability.

#TRUSTED 5cf0074093ce72330a3ae51c2b63ef1661ceb1b12de6e0a74bb3ca7e0cfc511e2d7ee123cb0b54f3f7bbde42d1647517f1e294deca80a59ca57ca5572161c91970f17411e9b98c446c3fda0d387b0eee1a69e3d7594ca61111029d3d2fbfa4df152b8c7d711c138f55e2e98bdeb591714d7031797a85699a3881eff12de3f3de265b7edf8bad9d9bea75f9d47751bfa8ea208c698f27e7f53627065510cdaa871c33303f2b178a2e738e787209438b03f2cc651dc2abaf84e5753d41e7c8be8aa883b6eeb87d3bb92cf3f0f0283e0b3347dde28720981da2038da0096290652f3fa63d205998e72331dc8c851b11ba5db7cb1ef9b79ce820aee88cee9a3c4539c19510486d7315da5fd8e5e230d6901c581b0e45ec4a9b216f28757598369feb77f7db656a67ae1d321b11f79be9c9f094a9afb25317373f1c4b51c394759d7f9f96325bf09e744944e20851beb3d684a960f3f8a8bee192ec43b42c5ec95b915481865e4c5f17515e971b3dfe50df64a35c35348527dda93b5ba320abd59a0433806c3bcc50cd6875c7731b0ed298fc6fc6e77887cf51bde6db80ea73511e34fb582b2c9ff41d1faa1534ec9d24cc855fa0b56dbeb0ea2062b2065494008a3613c18c2e4b609cc23a0372c153c5cc19ad6ec8ca1426c797a08b3db9fdcff1d1b61a516ea9f87a148f4a46ce4a56d591f336b4406fad8d061c0f681c0d92664a
#
# (C) Tenable Network Security, Inc.
#
# Security advisory is (C) CISCO, Inc.
# See https://www.cisco.com/en/US/products/products_security_advisory09186a00809bb300.shtml

include("compat.inc");

if (description)
{
 script_id(49004);
 script_version("1.21");
 script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15");

 script_cve_id("CVE-2006-3894");
 script_bugtraq_id(24104);
 script_xref(name:"CERT", value:"754281");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsd85587");
 script_xref(name:"CISCO-BUG-ID", value:"CSCse91999");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsg41084");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsg410843");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsg44348");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsi97695");
 script_xref(name:"CISCO-SA", value:"cisco-sa-20070522-crypto");

 script_name(english:"Vulnerability In Crypto Library - Cisco Systems");
 script_summary(english:"Checks the IOS version.");
 script_set_attribute(attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch.");
 script_set_attribute(attribute:"description", value:
"A vulnerability has been discovered in a third-party cryptographic
library that is used by a number of Cisco products. This vulnerability
may be triggered when a malformed Abstract Syntax Notation One (ASN.1)
object is parsed. Due to the nature of the vulnerability it may be
possible, in some cases, to trigger this vulnerability without a valid
certificate or valid application-layer credentials (such as a valid
username or password). Successful, repeated exploitation of any of
these vulnerabilities may lead to a sustained denial of service (DoS);
however, vulnerabilities are not known to compromise either the
confidentiality or integrity of the data or the device. These
vulnerabilities are not believed to allow an attacker to decrypt any
previously encrypted information. Cisco has made free software
available to address this vulnerability for affected customers. There
are no workarounds available to mitigate the effects of the
vulnerability.");
 # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070522-crypto
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?aff94393");
 # https://www.cisco.com/en/US/products/products_security_advisory09186a00809bb300.shtml
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?0072356d");
 script_set_attribute(attribute:"solution", value:
"Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20070522-crypto.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");

 script_set_attribute(attribute:"vuln_publication_date", value:"2007/05/22");
 script_set_attribute(attribute:"patch_publication_date", value:"2007/05/22");
 script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/01");

 script_end_attributes();
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is (C) 2010-2018 Tenable Network Security, Inc.");
 script_family(english:"CISCO");

 script_dependencie("cisco_ios_version.nasl");
 script_require_keys("Host/Cisco/IOS/Version");
 exit(0);
}

include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");

flag = 0;
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
override = 0;

if (version == '12.4(6)XP') flag++;
else if (version == '12.4(11)XJ') flag++;
else if (version == '12.4(6)XE2') flag++;
else if (version == '12.4(6)XE1') flag++;
else if (version == '12.4(6)XE') flag++;
else if (version == '12.4(4)XD5') flag++;
else if (version == '12.4(4)XD4') flag++;
else if (version == '12.4(4)XD2') flag++;
else if (version == '12.4(4)XD1') flag++;
else if (version == '12.4(4)XD') flag++;
else if (version == '12.4(4)XC5') flag++;
else if (version == '12.4(4)XC4') flag++;
else if (version == '12.4(4)XC3') flag++;
else if (version == '12.4(4)XC2') flag++;
else if (version == '12.4(4)XC1') flag++;
else if (version == '12.4(4)XC') flag++;
else if (version == '12.4(2)XB5') flag++;
else if (version == '12.4(2)XB4') flag++;
else if (version == '12.4(2)XB3') flag++;
else if (version == '12.4(2)XB2') flag++;
else if (version == '12.4(2)XB1') flag++;
else if (version == '12.4(2)XB') flag++;
else if (version == '12.4(2)XA2') flag++;
else if (version == '12.4(2)XA1') flag++;
else if (version == '12.4(2)XA') flag++;
else if (version == '12.4(11)T') flag++;
else if (version == '12.4(9)T2') flag++;
else if (version == '12.4(9)T1') flag++;
else if (version == '12.4(9)T') flag++;
else if (version == '12.4(6)T6') flag++;
else if (version == '12.4(6)T5') flag++;
else if (version == '12.4(6)T4') flag++;
else if (version == '12.4(6)T3') flag++;
else if (version == '12.4(6)T2') flag++;
else if (version == '12.4(6)T1') flag++;
else if (version == '12.4(6)T') flag++;
else if (version == '12.4(4)T7') flag++;
else if (version == '12.4(4)T6') flag++;
else if (version == '12.4(4)T5') flag++;
else if (version == '12.4(4)T4') flag++;
else if (version == '12.4(4)T3') flag++;
else if (version == '12.4(4)T2') flag++;
else if (version == '12.4(4)T1') flag++;
else if (version == '12.4(4)T') flag++;
else if (version == '12.4(2)T5') flag++;
else if (version == '12.4(2)T4') flag++;
else if (version == '12.4(2)T3') flag++;
else if (version == '12.4(2)T2') flag++;
else if (version == '12.4(2)T1') flag++;
else if (version == '12.4(2)T') flag++;
else if (version == '12.4(11)SW') flag++;
else if (version == '12.4(12)MR1') flag++;
else if (version == '12.4(12)MR') flag++;
else if (version == '12.4(11)MR') flag++;
else if (version == '12.4(8c)') flag++;
else if (version == '12.4(8b)') flag++;
else if (version == '12.4(8a)') flag++;
else if (version == '12.4(8)') flag++;
else if (version == '12.4(7c)') flag++;
else if (version == '12.4(7b)') flag++;
else if (version == '12.4(7a)') flag++;
else if (version == '12.4(7)') flag++;
else if (version == '12.4(5b)') flag++;
else if (version == '12.4(5a)') flag++;
else if (version == '12.4(5)') flag++;
else if (version == '12.4(3g)') flag++;
else if (version == '12.4(3f)') flag++;
else if (version == '12.4(3e)') flag++;
else if (version == '12.4(3d)') flag++;
else if (version == '12.4(3c)') flag++;
else if (version == '12.4(3b)') flag++;
else if (version == '12.4(3a)') flag++;
else if (version == '12.4(3)') flag++;
else if (version == '12.4(1c)') flag++;
else if (version == '12.4(1b)') flag++;
else if (version == '12.4(1a)') flag++;
else if (version == '12.4(1)') flag++;
else if (version == '12.3(8)ZA') flag++;
else if (version == '12.3(11)YZ1') flag++;
else if (version == '12.3(11)YZ') flag++;
else if (version == '12.3(14)YX5') flag++;
else if (version == '12.3(14)YX4') flag++;
else if (version == '12.3(14)YX3') flag++;
else if (version == '12.3(14)YX2') flag++;
else if (version == '12.3(14)YX1') flag++;
else if (version == '12.3(14)YX') flag++;
else if (version == '12.3(14)YU1') flag++;
else if (version == '12.3(14)YU') flag++;
else if (version == '12.3(14)YT1') flag++;
else if (version == '12.3(14)YT') flag++;
else if (version == '12.3(11)YS1') flag++;
else if (version == '12.3(11)YS') flag++;
else if (version == '12.3(14)YQ8') flag++;
else if (version == '12.3(14)YQ7') flag++;
else if (version == '12.3(14)YQ6') flag++;
else if (version == '12.3(14)YQ5') flag++;
else if (version == '12.3(14)YQ4') flag++;
else if (version == '12.3(14)YQ3') flag++;
else if (version == '12.3(14)YQ2') flag++;
else if (version == '12.3(14)YQ1') flag++;
else if (version == '12.3(14)YQ') flag++;
else if (version == '12.3(11)YK2') flag++;
else if (version == '12.3(11)YK1') flag++;
else if (version == '12.3(11)YK') flag++;
else if (version == '12.3(8)YI3') flag++;
else if (version == '12.3(8)YI2') flag++;
else if (version == '12.3(8)YI1') flag++;
else if (version == '12.3(8)YH') flag++;
else if (version == '12.3(8)YG5') flag++;
else if (version == '12.3(8)YG4') flag++;
else if (version == '12.3(8)YG3') flag++;
else if (version == '12.3(8)YG2') flag++;
else if (version == '12.3(8)YG1') flag++;
else if (version == '12.3(8)YG') flag++;
else if (version == '12.3(11)YF4') flag++;
else if (version == '12.3(11)YF3') flag++;
else if (version == '12.3(11)YF2') flag++;
else if (version == '12.3(11)YF1') flag++;
else if (version == '12.3(11)YF') flag++;
else if (version == '12.3(8)YD1') flag++;
else if (version == '12.3(8)YD') flag++;
else if (version == '12.3(8)YA1') flag++;
else if (version == '12.3(8)YA') flag++;
else if (version == '12.3(8)XX1') flag++;
else if (version == '12.3(8)XX') flag++;
else if (version == '12.3(8)XW3') flag++;
else if (version == '12.3(8)XW2') flag++;
else if (version == '12.3(8)XW1') flag++;
else if (version == '12.3(8)XW') flag++;
else if (version == '12.3(8)XU5') flag++;
else if (version == '12.3(8)XU4') flag++;
else if (version == '12.3(8)XU3') flag++;
else if (version == '12.3(8)XU2') flag++;
else if (version == '12.3(7)XS2') flag++;
else if (version == '12.3(7)XS1') flag++;
else if (version == '12.3(7)XS') flag++;
else if (version == '12.3(7)XR6') flag++;
else if (version == '12.3(7)XR5') flag++;
else if (version == '12.3(7)XR4') flag++;
else if (version == '12.3(7)XR3') flag++;
else if (version == '12.3(7)XR2') flag++;
else if (version == '12.3(7)XR') flag++;
else if (version == '12.3(4)XQ1') flag++;
else if (version == '12.3(4)XQ') flag++;
else if (version == '12.3(11)XL1') flag++;
else if (version == '12.3(11)XL') flag++;
else if (version == '12.3(4)XK4') flag++;
else if (version == '12.3(4)XK3') flag++;
else if (version == '12.3(4)XK2') flag++;
else if (version == '12.3(4)XK1') flag++;
else if (version == '12.3(4)XK') flag++;
else if (version == '12.3(7)XJ2') flag++;
else if (version == '12.3(7)XJ1') flag++;
else if (version == '12.3(7)XJ') flag++;
else if (version == '12.3(7)XI9') flag++;
else if (version == '12.3(7)XI8d') flag++;
else if (version == '12.3(7)XI8c') flag++;
else if (version == '12.3(7)XI8a') flag++;
else if (version == '12.3(7)XI8') flag++;
else if (version == '12.3(7)XI7b') flag++;
else if (version == '12.3(7)XI7a') flag++;
else if (version == '12.3(7)XI7') flag++;
else if (version == '12.3(7)XI6') flag++;
else if (version == '12.3(7)XI5') flag++;
else if (version == '12.3(7)XI4') flag++;
else if (version == '12.3(7)XI3') flag++;
else if (version == '12.3(7)XI2a') flag++;
else if (version == '12.3(7)XI2') flag++;
else if (version == '12.3(7)XI10') flag++;
else if (version == '12.3(7)XI1c') flag++;
else if (version == '12.3(7)XI1b') flag++;
else if (version == '12.3(7)XI1') flag++;
else if (version == '12.3(4)XG5') flag++;
else if (version == '12.3(4)XG4') flag++;
else if (version == '12.3(4)XG3') flag++;
else if (version == '12.3(4)XG2') flag++;
else if (version == '12.3(4)XG1') flag++;
else if (version == '12.3(4)XG') flag++;
else if (version == '12.3(2)XF') flag++;
else if (version == '12.3(2)XE4') flag++;
else if (version == '12.3(2)XE3') flag++;
else if (version == '12.3(2)XE2') flag++;
else if (version == '12.3(2)XE1') flag++;
else if (version == '12.3(2)XE') flag++;
else if (version == '12.3(4)XD4') flag++;
else if (version == '12.3(4)XD3') flag++;
else if (version == '12.3(4)XD2') flag++;
else if (version == '12.3(4)XD1') flag++;
else if (version == '12.3(4)XD') flag++;
else if (version == '12.3(2)XC4') flag++;
else if (version == '12.3(2)XC3') flag++;
else if (version == '12.3(2)XC2') flag++;
else if (version == '12.3(2)XC1') flag++;
else if (version == '12.3(2)XC') flag++;
else if (version == '12.3(2)XB3') flag++;
else if (version == '12.3(2)XB1') flag++;
else if (version == '12.3(2)XB') flag++;
else if (version == '12.3(2)XA5') flag++;
else if (version == '12.3(2)XA4') flag++;
else if (version == '12.3(2)XA3') flag++;
else if (version == '12.3(2)XA2') flag++;
else if (version == '12.3(2)XA1') flag++;
else if (version == '12.3(2)XA') flag++;
else if (version == '12.3(4)TPC11a') flag++;
else if (version == '12.3(14)T7') flag++;
else if (version == '12.3(14)T6') flag++;
else if (version == '12.3(14)T5') flag++;
else if (version == '12.3(14)T3') flag++;
else if (version == '12.3(14)T2') flag++;
else if (version == '12.3(14)T1') flag++;
else if (version == '12.3(14)T') flag++;
else if (version == '12.3(11)T9') flag++;
else if (version == '12.3(11)T8') flag++;
else if (version == '12.3(11)T7') flag++;
else if (version == '12.3(11)T6') flag++;
else if (version == '12.3(11)T5') flag++;
else if (version == '12.3(11)T4') flag++;
else if (version == '12.3(11)T3') flag++;
else if (version == '12.3(11)T2') flag++;
else if (version == '12.3(11)T11') flag++;
else if (version == '12.3(11)T10') flag++;
else if (version == '12.3(11)T') flag++;
else if (version == '12.3(8)T9') flag++;
else if (version == '12.3(8)T8') flag++;
else if (version == '12.3(8)T7') flag++;
else if (version == '12.3(8)T6') flag++;
else if (version == '12.3(8)T5') flag++;
else if (version == '12.3(8)T4') flag++;
else if (version == '12.3(8)T3') flag++;
else if (version == '12.3(8)T11') flag++;
else if (version == '12.3(8)T10') flag++;
else if (version == '12.3(8)T1') flag++;
else if (version == '12.3(8)T') flag++;
else if (version == '12.3(7)T9') flag++;
else if (version == '12.3(7)T8') flag++;
else if (version == '12.3(7)T7') flag++;
else if (version == '12.3(7)T6') flag++;
else if (version == '12.3(7)T4') flag++;
else if (version == '12.3(7)T3') flag++;
else if (version == '12.3(7)T2') flag++;
else if (version == '12.3(7)T12') flag++;
else if (version == '12.3(7)T11') flag++;
else if (version == '12.3(7)T10') flag++;
else if (version == '12.3(7)T1') flag++;
else if (version == '12.3(7)T') flag++;
else if (version == '12.3(4)T9') flag++;
else if (version == '12.3(4)T8') flag++;
else if (version == '12.3(4)T7') flag++;
else if (version == '12.3(4)T6') flag++;
else if (version == '12.3(4)T4') flag++;
else if (version == '12.3(4)T3') flag++;
else if (version == '12.3(4)T2') flag++;
else if (version == '12.3(4)T13') flag++;
else if (version == '12.3(4)T11') flag++;
else if (version == '12.3(4)T10') flag++;
else if (version == '12.3(4)T1') flag++;
else if (version == '12.3(4)T') flag++;
else if (version == '12.3(2)T9') flag++;
else if (version == '12.3(2)T8') flag++;
else if (version == '12.3(2)T7') flag++;
else if (version == '12.3(2)T6') flag++;
else if (version == '12.3(2)T5') flag++;
else if (version == '12.3(2)T4') flag++;
else if (version == '12.3(2)T3') flag++;
else if (version == '12.3(2)T2') flag++;
else if (version == '12.3(2)T1') flag++;
else if (version == '12.3(2)T') flag++;
else if (version == '12.3(11)JX1') flag++;
else if (version == '12.3(11)JX') flag++;
else if (version == '12.3(7)JX7') flag++;
else if (version == '12.3(7)JX6') flag++;
else if (version == '12.3(7)JX5') flag++;
else if (version == '12.3(7)JX4') flag++;
else if (version == '12.3(7)JX3') flag++;
else if (version == '12.3(7)JX2') flag++;
else if (version == '12.3(7)JX1') flag++;
else if (version == '12.3(7)JX') flag++;
else if (version == '12.3(2)JL') flag++;
else if (version == '12.3(2)JK2') flag++;
else if (version == '12.3(2)JK1') flag++;
else if (version == '12.3(2)JK') flag++;
else if (version == '12.3(8)JEA1') flag++;
else if (version == '12.3(8)JEA') flag++;
else if (version == '12.3(11)JA1') flag++;
else if (version == '12.3(11)JA') flag++;
else if (version == '12.3(8)JA2') flag++;
else if (version == '12.3(8)JA1') flag++;
else if (version == '12.3(8)JA') flag++;
else if (version == '12.3(7)JA4') flag++;
else if (version == '12.3(7)JA3') flag++;
else if (version == '12.3(7)JA2') flag++;
else if (version == '12.3(7)JA1') flag++;
else if (version == '12.3(7)JA') flag++;
else if (version == '12.3(4)JA2') flag++;
else if (version == '12.3(4)JA1') flag++;
else if (version == '12.3(4)JA') flag++;
else if (version == '12.3(2)JA6') flag++;
else if (version == '12.3(2)JA5') flag++;
else if (version == '12.3(2)JA2') flag++;
else if (version == '12.3(2)JA1') flag++;
else if (version == '12.3(2)JA') flag++;
else if (version == '12.3(21)BC') flag++;
else if (version == '12.3(17b)BC5') flag++;
else if (version == '12.3(17b)BC4') flag++;
else if (version == '12.3(17b)BC3') flag++;
else if (version == '12.3(17a)BC2') flag++;
else if (version == '12.3(17a)BC1') flag++;
else if (version == '12.3(17a)BC') flag++;
else if (version == '12.3(13a)BC6') flag++;
else if (version == '12.3(13a)BC5') flag++;
else if (version == '12.3(13a)BC4') flag++;
else if (version == '12.3(13a)BC3') flag++;
else if (version == '12.3(13a)BC2') flag++;
else if (version == '12.3(13a)BC1') flag++;
else if (version == '12.3(13a)BC') flag++;
else if (version == '12.3(9a)BC9') flag++;
else if (version == '12.3(9a)BC8') flag++;
else if (version == '12.3(9a)BC7') flag++;
else if (version == '12.3(9a)BC6') flag++;
else if (version == '12.3(9a)BC5') flag++;
else if (version == '12.3(9a)BC4') flag++;
else if (version == '12.3(9a)BC3') flag++;
else if (version == '12.3(9a)BC2') flag++;
else if (version == '12.3(9a)BC1') flag++;
else if (version == '12.3(9a)BC') flag++;
else if (version == '12.3(5a)B5') flag++;
else if (version == '12.3(5a)B4') flag++;
else if (version == '12.3(5a)B3') flag++;
else if (version == '12.3(5a)B2') flag++;
else if (version == '12.3(5a)B1') flag++;
else if (version == '12.3(5a)B') flag++;
else if (version == '12.3(3)B1') flag++;
else if (version == '12.3(3)B') flag++;
else if (version == '12.3(1a)B') flag++;
else if (version == '12.3(21)') flag++;
else if (version == '12.3(20)') flag++;
else if (version == '12.3(19)') flag++;
else if (version == '12.3(18)') flag++;
else if (version == '12.3(17b)') flag++;
else if (version == '12.3(17a)') flag++;
else if (version == '12.3(17)') flag++;
else if (version == '12.3(16a)') flag++;
else if (version == '12.3(16)') flag++;
else if (version == '12.3(15b)') flag++;
else if (version == '12.3(15a)') flag++;
else if (version == '12.3(15)') flag++;
else if (version == '12.3(13b)') flag++;
else if (version == '12.3(13a)') flag++;
else if (version == '12.3(13)') flag++;
else if (version == '12.3(12e)') flag++;
else if (version == '12.3(12d)') flag++;
else if (version == '12.3(12c)') flag++;
else if (version == '12.3(12b)') flag++;
else if (version == '12.3(12a)') flag++;
else if (version == '12.3(12)') flag++;
else if (version == '12.3(10f)') flag++;
else if (version == '12.3(10e)') flag++;
else if (version == '12.3(10d)') flag++;
else if (version == '12.3(10c)') flag++;
else if (version == '12.3(10b)') flag++;
else if (version == '12.3(10a)') flag++;
else if (version == '12.3(10)') flag++;
else if (version == '12.3(9e)') flag++;
else if (version == '12.3(9d)') flag++;
else if (version == '12.3(9c)') flag++;
else if (version == '12.3(9b)') flag++;
else if (version == '12.3(9a)') flag++;
else if (version == '12.3(9)') flag++;
else if (version == '12.3(6f)') flag++;
else if (version == '12.3(6e)') flag++;
else if (version == '12.3(6c)') flag++;
else if (version == '12.3(6b)') flag++;
else if (version == '12.3(6a)') flag++;
else if (version == '12.3(6)') flag++;
else if (version == '12.3(5f)') flag++;
else if (version == '12.3(5e)') flag++;
else if (version == '12.3(5d)') flag++;
else if (version == '12.3(5c)') flag++;
else if (version == '12.3(5b)') flag++;
else if (version == '12.3(5a)') flag++;
else if (version == '12.3(5)') flag++;
else if (version == '12.3(3i)') flag++;
else if (version == '12.3(3h)') flag++;
else if (version == '12.3(3g)') flag++;
else if (version == '12.3(3f)') flag++;
else if (version == '12.3(3e)') flag++;
else if (version == '12.3(3c)') flag++;
else if (version == '12.3(3b)') flag++;
else if (version == '12.3(3a)') flag++;
else if (version == '12.3(3)') flag++;
else if (version == '12.3(1a)') flag++;
else if (version == '12.3(1)') flag++;
else if (version == '12.2(18)ZU2') flag++;
else if (version == '12.2(18)ZU1') flag++;
else if (version == '12.2(18)ZU') flag++;
else if (version == '12.2(15)ZL1') flag++;
else if (version == '12.2(15)ZL') flag++;
else if (version == '12.2(15)ZJ5') flag++;
else if (version == '12.2(15)ZJ3') flag++;
else if (version == '12.2(15)ZJ2') flag++;
else if (version == '12.2(15)ZJ1') flag++;
else if (version == '12.2(15)ZJ') flag++;
else if (version == '12.2(13)ZH8') flag++;
else if (version == '12.2(13)ZH7') flag++;
else if (version == '12.2(13)ZH6') flag++;
else if (version == '12.2(13)ZH5') flag++;
else if (version == '12.2(13)ZH4') flag++;
else if (version == '12.2(13)ZH3') flag++;
else if (version == '12.2(13)ZH2') flag++;
else if (version == '12.2(13)ZH1') flag++;
else if (version == '12.2(13)ZH') flag++;
else if (version == '12.2(13)ZG') flag++;
else if (version == '12.2(13)ZF2') flag++;
else if (version == '12.2(13)ZF1') flag++;
else if (version == '12.2(13)ZF') flag++;
else if (version == '12.2(13)ZE') flag++;
else if (version == '12.2(13)ZD4') flag++;
else if (version == '12.2(13)ZD3') flag++;
else if (version == '12.2(13)ZD2') flag++;
else if (version == '12.2(13)ZD1') flag++;
else if (version == '12.2(13)ZD') flag++;
else if (version == '12.2(11)YV1') flag++;
else if (version == '12.2(11)YV') flag++;
else if (version == '12.2(11)YU') flag++;
else if (version == '12.2(15)XR2') flag++;
else if (version == '12.2(15)XR1') flag++;
else if (version == '12.2(15)XR') flag++;
else if (version == '12.2(15)T9') flag++;
else if (version == '12.2(15)T8') flag++;
else if (version == '12.2(15)T7') flag++;
else if (version == '12.2(15)T5') flag++;
else if (version == '12.2(15)T2') flag++;
else if (version == '12.2(15)T16') flag++;
else if (version == '12.2(15)T15') flag++;
else if (version == '12.2(15)T14') flag++;
else if (version == '12.2(15)T13') flag++;
else if (version == '12.2(15)T12') flag++;
else if (version == '12.2(15)T11') flag++;
else if (version == '12.2(15)T10') flag++;
else if (version == '12.2(15)T1') flag++;
else if (version == '12.2(15)T') flag++;
else if (version == '12.2(18)SXF7') flag++;
else if (version == '12.2(18)SXF6') flag++;
else if (version == '12.2(18)SXF5') flag++;
else if (version == '12.2(18)SXF4') flag++;
else if (version == '12.2(18)SXF3') flag++;
else if (version == '12.2(18)SXF2') flag++;
else if (version == '12.2(18)SXF1') flag++;
else if (version == '12.2(18)SXF') flag++;
else if (version == '12.2(18)SXE6b') flag++;
else if (version == '12.2(18)SXE6a') flag++;
else if (version == '12.2(18)SXE6') flag++;
else if (version == '12.2(18)SXE5') flag++;
else if (version == '12.2(18)SXE4') flag++;
else if (version == '12.2(18)SXE3') flag++;
else if (version == '12.2(18)SXE2') flag++;
else if (version == '12.2(18)SXE1') flag++;
else if (version == '12.2(18)SXE') flag++;
else if (version == '12.2(18)SXD7b') flag++;
else if (version == '12.2(18)SXD7a') flag++;
else if (version == '12.2(18)SXD7') flag++;
else if (version == '12.2(18)SXD6') flag++;
else if (version == '12.2(18)SXD5') flag++;
else if (version == '12.2(18)SXD4') flag++;
else if (version == '12.2(18)SXD3') flag++;
else if (version == '12.2(18)SXD2') flag++;
else if (version == '12.2(18)SXD1') flag++;
else if (version == '12.2(18)SXD') flag++;
else if (version == '12.2(33)SRA2') flag++;
else if (version == '12.2(33)SRA1') flag++;
else if (version == '12.2(33)SRA') flag++;
else if (version == '12.2(31)SGA') flag++;
else if (version == '12.2(31)SG1') flag++;
else if (version == '12.2(31)SG') flag++;
else if (version == '12.2(25)SG1') flag++;
else if (version == '12.2(25)SG') flag++;
else if (version == '12.2(25)SEG2') flag++;
else if (version == '12.2(25)SEG1') flag++;
else if (version == '12.2(25)SEG') flag++;
else if (version == '12.2(25)SEF2') flag++;
else if (version == '12.2(25)SEF1') flag++;
else if (version == '12.2(25)SEE2') flag++;
else if (version == '12.2(25)SEE1') flag++;
else if (version == '12.2(25)SEE') flag++;
else if (version == '12.2(25)SED1') flag++;
else if (version == '12.2(25)SED') flag++;
else if (version == '12.2(25)SEC2') flag++;
else if (version == '12.2(25)SEC1') flag++;
else if (version == '12.2(25)SEC') flag++;
else if (version == '12.2(25)SEB4') flag++;
else if (version == '12.2(25)SEB3') flag++;
else if (version == '12.2(25)SEB2') flag++;
else if (version == '12.2(25)SEB1') flag++;
else if (version == '12.2(25)SEB') flag++;
else if (version == '12.2(25)SEA') flag++;
else if (version == '12.2(35)SE1') flag++;
else if (version == '12.2(35)SE') flag++;
else if (version == '12.2(25)SE3') flag++;
else if (version == '12.2(25)SE2') flag++;
else if (version == '12.2(25)SE') flag++;
else if (version == '12.2(31)SB3x') flag++;
else if (version == '12.2(31)SB3') flag++;
else if (version == '12.2(31)SB2') flag++;
else if (version == '12.2(15)JK5') flag++;
else if (version == '12.2(15)JK4') flag++;
else if (version == '12.2(15)JK3') flag++;
else if (version == '12.2(15)JK2') flag++;
else if (version == '12.2(15)JK1') flag++;
else if (version == '12.2(15)JK') flag++;
else if (version == '12.2(15)JA') flag++;
else if (version == '12.2(18)IXC') flag++;
else if (version == '12.2(18)IXB2') flag++;
else if (version == '12.2(18)IXB1') flag++;
else if (version == '12.2(18)IXB') flag++;
else if (version == '12.2(18)IXA') flag++;
else if (version == '12.2(25)FZ') flag++;
else if (version == '12.2(25)FY') flag++;
else if (version == '12.2(25)FX') flag++;
else if (version == '12.2(25)EZ1') flag++;
else if (version == '12.2(25)EZ') flag++;
else if (version == '12.2(25)EY4') flag++;
else if (version == '12.2(25)EY3') flag++;
else if (version == '12.2(25)EY2') flag++;
else if (version == '12.2(25)EY1') flag++;
else if (version == '12.2(25)EY') flag++;
else if (version == '12.2(25)EX1') flag++;
else if (version == '12.2(25)EX') flag++;
else if (version == '12.2(25)EWA8') flag++;
else if (version == '12.2(25)EWA7') flag++;
else if (version == '12.2(25)EWA6') flag++;
else if (version == '12.2(25)EWA5') flag++;
else if (version == '12.2(25)EWA4') flag++;
else if (version == '12.2(25)EWA3') flag++;
else if (version == '12.2(25)EWA2') flag++;
else if (version == '12.2(25)EWA1') flag++;
else if (version == '12.2(25)EWA') flag++;
else if (version == '12.2(25)EW') flag++;
else if (version == '12.2(15)CZ3') flag++;
else if (version == '12.2(15)CZ2') flag++;
else if (version == '12.2(15)CZ1') flag++;
else if (version == '12.2(15)CZ') flag++;
else if (version == '12.2(15)CX1') flag++;
else if (version == '12.2(15)CX') flag++;
else if (version == '12.2(15)BZ2') flag++;
else if (version == '12.2(16)BX3') flag++;
else if (version == '12.2(16)BX2') flag++;
else if (version == '12.2(16)BX1') flag++;
else if (version == '12.2(16)BX') flag++;
else if (version == '12.2(15)BX') flag++;
else if (version == '12.2(15)BC2i') flag++;
else if (version == '12.2(15)BC2h') flag++;
else if (version == '12.2(15)BC2g') flag++;
else if (version == '12.2(15)BC2f') flag++;
else if (version == '12.2(15)BC2e') flag++;
else if (version == '12.2(15)BC2d') flag++;
else if (version == '12.2(15)BC2c') flag++;
else if (version == '12.2(15)BC2b') flag++;
else if (version == '12.2(15)BC2a') flag++;
else if (version == '12.2(15)BC2') flag++;
else if (version == '12.2(15)BC1g') flag++;
else if (version == '12.2(15)BC1f') flag++;
else if (version == '12.2(15)BC1e') flag++;
else if (version == '12.2(15)BC1d') flag++;
else if (version == '12.2(15)BC1c') flag++;
else if (version == '12.2(15)BC1b') flag++;
else if (version == '12.2(15)BC1a') flag++;
else if (version == '12.2(15)BC1') flag++;
else if (version == '12.2(16)B2') flag++;
else if (version == '12.2(16)B1') flag++;
else if (version == '12.2(16)B') flag++;
else if (version == '12.2(15)B') flag++;

if (get_kb_item("Host/local_checks_enabled"))
{
  if (flag)
  {
    flag = 0;
    buf = cisco_command_kb_item("Host/Cisco/Config/show_crypto_isakmp_policy", "show crypto isakmp policy");
    if (check_cisco_result(buf))
    {
      if (preg(pattern:"Protection suite", multiline:TRUE, string:buf)) { flag = 1; }
    } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }

    buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
    if (check_cisco_result(buf))
    {
      if (preg(pattern:"ip http secure-server", multiline:TRUE, string:buf)) { flag = 1; }
      if (preg(pattern:"parameter-map[^\r\n]+TMS", multiline:TRUE, string:buf)) { flag = 1; }
      if (preg(pattern:"crypto signaling", multiline:TRUE, string:buf)) { flag = 1; }
      if (preg(pattern:"method tls", multiline:TRUE, string:buf)) { flag = 1; }
    } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }
  }
}

if (flag)
{
  security_warning(port:0, extra:cisco_caveat(override));
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
ciscoioscpe:/o:cisco:ios

Related

securityvulns 1
cisco 1
cve 1
cert 1
securityvulns
securityvulns
Cisco Security Advisory: Vulnerability In Crypto Library
2007-05-25 00:00:00
cisco
cisco
Vulnerability In Crypto Library
2007-05-22 13:00:00
cve
cve
CVE-2006-3894
2007-05-22 19:30:00
cert
cert
RSA BSAFE libraries denial of service vulnerability
2007-05-22 00:00:00
JSON
Related for CISCO-SA-20070522-CRYPTO.NASL
securityvulns1cisco1cve1cert1