nessus | This script is (C) 2010-2018 Tenable Network Security, Inc. | CISCO-SA-20080326-PPTPHTTP.NASL
History | Sep 01, 2010 - 12:00 a.m.

Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability - Cisco Systems

2010-09-01 00:00:00
This script is (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

89.3%

Two vulnerabilities exist in the virtual private dial-up network (VPDN) solution when Point-to-Point Tunneling Protocol (PPTP) is used in certain Cisco IOS releases prior to 12.3. PPTP is only one of the supported tunneling protocols used to tunnel PPP frames within the VPDN solution.
The first vulnerability is a memory leak that occurs as a result of PPTP session termination. The second vulnerability may consume all interface descriptor blocks on the affected device because those devices will not reuse virtual access interfaces. If these vulnerabilities are repeatedly exploited, the memory and/or interface resources of the attacked device may be depleted.
Cisco has made free software available to address these vulnerabilities for affected customers.
There are no workarounds available to mitigate the effects of these vulnerabilities.

#TRUSTED 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
#
# (C) Tenable Network Security, Inc.
#
# Security advisory is (C) CISCO, Inc.
# See https://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml

# Stop immediately on scan engines whose NASL_LEVEL is below 3000.
if (NASL_LEVEL < 3000) exit(0);

include("compat.inc");

# Registration pass: when `description` is set the plugin only declares its
# metadata and then exits, so none of the detection logic further down runs.
if (description)
{
 script_id(49013);
 script_version("1.20");
 script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15");
 # Both CVEs are covered by this single check; the description text below
 # names the two flaws (a memory leak on PPTP session termination and
 # exhaustion of interface descriptor blocks).
 script_cve_id("CVE-2008-1150", "CVE-2008-1151");
 script_bugtraq_id(28460);
 script_name(english:"Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability - Cisco Systems");
 script_summary(english:"Checks the IOS version.");
 script_set_attribute(attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch.");
 script_set_attribute(attribute:"description", value:
'Two vulnerabilities exist in the virtual private dial-up network (VPDN)
solution when Point-to-Point Tunneling Protocol (PPTP) is used in
certain Cisco IOS releases prior to 12.3. PPTP is only one of the
supported tunneling protocols used to tunnel PPP frames within the VPDN
solution.
The first vulnerability is a memory leak that occurs as a result of
PPTP session termination. The second vulnerability may consume all
interface descriptor blocks on the affected device because those
devices will not reuse virtual access interfaces. If these
vulnerabilities are repeatedly exploited, the memory and/or interface
resources of the attacked device may be depleted.
Cisco has made free software available to address these vulnerabilities
for affected customers.
There are no workarounds available to mitigate the effects of these
vulnerabilities.
');
 # NOTE(review): both reference short links below use plain http; the
 # advisory's canonical https URL is the one given in the comment.
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1794c9f5");
 # https://www.cisco.com/en/US/products/products_security_advisory09186a0080969862.shtml
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?89f2241b");
 script_set_attribute(attribute:"solution", value:
"Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20080326-pptp.");
 # Base vector: reachable over the network without authentication (AV:N,
 # Au:N) and availability-only impact (C:N/I:N/A:C), i.e. denial of service.
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
 # Temporal vector: unproven exploit (E:U), official fix available (RL:OF),
 # report confirmed (RC:C).
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_cwe_id(399);
 # "local": the verdict is derived from data already collected from the
 # device (the IOS version and, when available, the running-config) and not
 # from sending PPTP traffic to it.
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");

 script_set_attribute(attribute:"vuln_publication_date", value:"2008/03/26");
 script_set_attribute(attribute:"patch_publication_date", value:"2008/03/26");
 script_set_attribute(attribute:"plugin_publication_date", value:"2010/09/01");

 script_end_attributes();
 # Cross-references to the two Cisco bug IDs and to the advisory itself.
 script_xref(name:"CISCO-BUG-ID", value:"CSCdv59309");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsj58566");
 script_xref(name:"CISCO-SA", value:"cisco-sa-20080326-pptp");
 # ACT_GATHER_INFO: presumably marks this as a non-intrusive,
 # information-gathering check; confirm against the engine documentation.
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is (C) 2010-2018 Tenable Network Security, Inc.");
 script_family(english:"CISCO");
 # The check needs the Host/Cisco/IOS/Version KB key; cisco_ios_version.nasl
 # is declared as the dependency, presumably the plugin that sets that key.
 script_dependencie("cisco_ios_version.nasl");
 script_require_keys("Host/Cisco/IOS/Version");
 exit(0);
}

include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");

# Version gate.
#
# The IOS version string collected earlier is compared, by exact string
# equality, against the releases listed below (12.2, 12.1 and 12.0 trains
# only). `flag` ends up non-zero when the running version is on the list.
#
# Because the comparison is exact, a rebuild or interim image whose version
# string is not listed is never flagged by this plugin, so a clean result is
# not proof that an unlisted image is fixed.
override = 0;
flag = 0;
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");

vpdn_affected_versions = make_list(
  # 12.2 special and early-deployment trains
  '12.2(14)ZA7', '12.2(14)ZA6', '12.2(14)ZA5', '12.2(14)ZA4', '12.2(14)ZA3',
  '12.2(14)ZA2', '12.2(14)ZA1', '12.2(14)ZA', '12.2(9)ZA',
  '12.2(11)YZ2', '12.2(11)YZ1', '12.2(11)YZ',
  '12.2(11)YX1', '12.2(11)YX',
  '12.2(9)YE',
  '12.2(2)YC4', '12.2(2)YC3', '12.2(2)YC2', '12.2(2)YC1', '12.2(2)YC',
  '12.2(4)XV5', '12.2(4)XV4a', '12.2(4)XV4', '12.2(4)XV3', '12.2(4)XV2',
  '12.2(4)XV1', '12.2(4)XV',
  '12.2(2)XU',
  '12.2(2)XT3', '12.2(2)XT2', '12.2(2)XT',
  '12.2(1)XS2', '12.2(1)XS1a', '12.2(1)XS',
  '12.2(2)XQ1', '12.2(2)XQ',
  '12.2(2)XN',
  '12.2(2)XK3', '12.2(2)XK2', '12.2(2)XK1', '12.2(2)XK',
  '12.2(2)XJ',
  '12.2(2)XI2', '12.2(2)XI1', '12.2(2)XI',
  '12.2(2)XH2', '12.2(2)XH1', '12.2(2)XH',
  '12.2(2)XG1', '12.2(2)XG',
  '12.2(4)XF1', '12.2(4)XF', '12.2(2)XF2', '12.2(2)XF1', '12.2(2)XF',
  '12.2(1)XF1', '12.2(1)XF',
  '12.2(1)XE2', '12.2(1)XE1', '12.2(1)XE',
  '12.2(1)XD4', '12.2(1)XD3', '12.2(1)XD2', '12.2(1)XD1', '12.2(1)XD',
  '12.2(2)XC2', '12.2(2)XC1', '12.2(2)XC',
  '12.2(1a)XC3', '12.2(1a)XC2', '12.2(1a)XC1', '12.2(1a)XC',
  '12.2(2)XB3', '12.2(2)XB2', '12.2(2)XB1',
  '12.2(2)XA5', '12.2(2)XA4', '12.2(2)XA3', '12.2(2)XA2', '12.2(2)XA1',
  '12.2(2)XA',
  # 12.2T
  '12.2(4)T7', '12.2(4)T6', '12.2(4)T5', '12.2(4)T3', '12.2(4)T2',
  '12.2(4)T1', '12.2(4)T',
  '12.2(2)T4', '12.2(2)T3', '12.2(2)T2', '12.2(2)T1', '12.2(2)T',
  # 12.2S and derivatives
  '12.2(14)SZ6', '12.2(14)SZ5', '12.2(14)SZ4', '12.2(14)SZ3', '12.2(14)SZ2',
  '12.2(14)SZ1', '12.2(14)SZ',
  '12.2(14)SY5', '12.2(14)SY4', '12.2(14)SY3', '12.2(14)SY2', '12.2(14)SY1',
  '12.2(14)SY',
  '12.2(14)SX2', '12.2(14)SX1', '12.2(14)SX',
  '12.2(14)SU2', '12.2(14)SU1', '12.2(14)SU',
  '12.2(14)S9', '12.2(14)S8', '12.2(14)S7', '12.2(14)S5', '12.2(14)S3',
  '12.2(14)S2', '12.2(14)S19', '12.2(14)S18', '12.2(14)S17', '12.2(14)S16',
  '12.2(14)S15', '12.2(14)S14', '12.2(14)S13', '12.2(14)S12', '12.2(14)S11',
  '12.2(14)S10', '12.2(14)S1', '12.2(14)S', '12.2(9)S',
  # 12.2M, 12.2D*, 12.2B*
  '12.2(12h)M1', '12.2(12b)M1', '12.2(6c)M1', '12.2(1)M0',
  '12.2(2)DX3', '12.2(1)DX1', '12.2(1)DX',
  '12.2(2)DD4', '12.2(2)DD3', '12.2(2)DD2', '12.2(2)DD1', '12.2(2)DD',
  '12.2(7)DA', '12.2(5)DA1', '12.2(5)DA', '12.2(1b)DA1', '12.2(1b)DA',
  '12.2(2)BY3', '12.2(2)BY2', '12.2(2)BY1', '12.2(2)BY',
  '12.2(2)BX1', '12.2(2)BX',
  '12.2(4)BW',
  '12.2(4)BC1b', '12.2(4)BC1a', '12.2(4)BC1',
  '12.2(4)B4', '12.2(4)B3', '12.2(4)B2', '12.2(4)B1', '12.2(4)B',
  '12.2(2)B7', '12.2(2)B6', '12.2(2)B5', '12.2(2)B4', '12.2(2)B3',
  '12.2(2)B2', '12.2(2)B1', '12.2(2)B',
  # 12.2 mainline
  '12.2(46a)', '12.2(46)', '12.2(40a)', '12.2(40)', '12.2(37)',
  '12.2(34a)', '12.2(34)', '12.2(32)', '12.2(31)',
  '12.2(29b)', '12.2(29a)', '12.2(29)',
  '12.2(28d)', '12.2(28c)', '12.2(28b)', '12.2(28a)', '12.2(28)',
  '12.2(27c)', '12.2(27b)', '12.2(27a)', '12.2(27)',
  '12.2(26c)', '12.2(26b)', '12.2(26a)', '12.2(26)',
  '12.2(24b)', '12.2(24a)', '12.2(24)',
  '12.2(23f)', '12.2(23e)', '12.2(23d)', '12.2(23c)', '12.2(23a)', '12.2(23)',
  '12.2(21b)', '12.2(21a)', '12.2(21)',
  '12.2(19c)', '12.2(19b)', '12.2(19a)', '12.2(19)',
  '12.2(17f)', '12.2(17e)', '12.2(17d)', '12.2(17b)', '12.2(17a)', '12.2(17)',
  '12.2(16f)', '12.2(16c)', '12.2(16b)', '12.2(16a)', '12.2(16)',
  '12.2(13e)', '12.2(13c)', '12.2(13b)', '12.2(13a)', '12.2(13)',
  '12.2(12m)', '12.2(12l)', '12.2(12k)', '12.2(12j)', '12.2(12i)',
  '12.2(12h)', '12.2(12g)', '12.2(12f)', '12.2(12e)', '12.2(12c)',
  '12.2(12b)', '12.2(12a)', '12.2(12)',
  '12.2(10g)', '12.2(10d)', '12.2(10b)', '12.2(10a)', '12.2(10)',
  '12.2(7g)', '12.2(7e)', '12.2(7c)', '12.2(7b)', '12.2(7a)', '12.2(7)',
  '12.2(6j)', '12.2(6i)', '12.2(6h)', '12.2(6g)', '12.2(6f)', '12.2(6e)',
  '12.2(6d)', '12.2(6c)', '12.2(6b)', '12.2(6a)', '12.2(6)',
  '12.2(5d)', '12.2(5c)', '12.2(5b)', '12.2(5a)', '12.2(5)',
  '12.2(3g)', '12.2(3d)', '12.2(3c)', '12.2(3b)', '12.2(3a)', '12.2(3)',
  '12.2(1d)', '12.2(1c)', '12.2(1b)', '12.2(1a)', '12.2(1)',
  # 12.1 special and early-deployment trains
  '12.1(5)YI2', '12.1(5)YI1', '12.1(5)YI',
  '12.1(5)YF4', '12.1(5)YF3', '12.1(5)YF2', '12.1(5)YF1', '12.1(5)YF',
  '12.1(5)YE5', '12.1(5)YE4', '12.1(5)YE3', '12.1(5)YE2', '12.1(5)YE1',
  '12.1(5)YD6', '12.1(5)YD5', '12.1(5)YD4', '12.1(5)YD3', '12.1(5)YD2',
  '12.1(5)YD1', '12.1(5)YD',
  '12.1(5)YC3', '12.1(5)YC2', '12.1(5)YC1', '12.1(5)YC',
  '12.1(5)YB5', '12.1(5)YB4', '12.1(5)YB3', '12.1(5)YB1', '12.1(5)YB',
  '12.1(5)YA2', '12.1(5)YA1', '12.1(5)YA',
  '12.1(4)XY8', '12.1(4)XY7', '12.1(4)XY6', '12.1(4)XY5', '12.1(4)XY4',
  '12.1(4)XY3', '12.1(4)XY1',
  '12.1(5)XV4', '12.1(5)XV2', '12.1(5)XV1', '12.1(5)XV',
  '12.1(3)XT2', '12.1(3)XT1', '12.1(3)XT',
  '12.1(5)XS5', '12.1(5)XS4', '12.1(5)XS3', '12.1(5)XS2', '12.1(5)XS1',
  '12.1(5)XS',
  '12.1(5)XR2', '12.1(5)XR1', '12.1(5)XR',
  '12.1(3)XQ3', '12.1(3)XQ2', '12.1(3)XQ1', '12.1(3)XQ',
  '12.1(3)XP4', '12.1(3)XP3', '12.1(3)XP2', '12.1(3)XP1', '12.1(3)XP',
  '12.1(5)XM8', '12.1(5)XM7', '12.1(5)XM6', '12.1(5)XM5', '12.1(5)XM4',
  '12.1(5)XM3', '12.1(5)XM2', '12.1(5)XM1', '12.1(5)XM',
  '12.1(3a)XL3', '12.1(3a)XL2', '12.1(3a)XL1', '12.1(3)XL',
  '12.1(3)XJ',
  # 12.1T
  '12.1(5)T9', '12.1(5)T8b', '12.1(5)T8a', '12.1(5)T8', '12.1(5)T7',
  '12.1(5)T6', '12.1(5)T5', '12.1(5)T4', '12.1(5)T3', '12.1(5)T20',
  '12.1(5)T2', '12.1(5)T19', '12.1(5)T18', '12.1(5)T17', '12.1(5)T15',
  '12.1(5)T14', '12.1(5)T12', '12.1(5)T11', '12.1(5)T10', '12.1(5)T1',
  '12.1(5)T',
  # 12.1EZ, 12.1EX, 12.1EC
  '12.1(6)EZ6', '12.1(6)EZ5', '12.1(6)EZ4', '12.1(6)EZ3', '12.1(6)EZ2',
  '12.1(6)EZ1', '12.1(6)EZ',
  '12.1(13)EX3', '12.1(13)EX2', '12.1(13)EX1', '12.1(13)EX',
  '12.1(12c)EX1', '12.1(12c)EX',
  '12.1(11b)EX1', '12.1(11b)EX',
  '12.1(10)EX2', '12.1(10)EX1', '12.1(10)EX',
  '12.1(9)EX3', '12.1(9)EX2', '12.1(9)EX1', '12.1(9)EX',
  '12.1(8b)EX5', '12.1(8b)EX3', '12.1(8b)EX2',
  '12.1(8a)EX1', '12.1(8a)EX',
  '12.1(5c)EX3',
  '12.1(1)EX1', '12.1(1)EX',
  '12.1(22)EC1', '12.1(22)EC',
  '12.1(20)EC3', '12.1(20)EC2', '12.1(20)EC1', '12.1(20)EC',
  '12.1(19)EC1', '12.1(19)EC',
  '12.1(13)EC4', '12.1(13)EC3', '12.1(13)EC2', '12.1(13)EC1', '12.1(13)EC',
  '12.1(12c)EC1', '12.1(12c)EC',
  '12.1(11b)EC1', '12.1(11b)EC',
  '12.1(10)EC1', '12.1(10)EC',
  '12.1(9)EC1',
  '12.1(8)EC1', '12.1(8)EC',
  '12.1(7)EC',
  '12.1(6)EC1', '12.1(6)EC',
  '12.1(5)EC1', '12.1(5)EC',
  '12.1(4)EC',
  '12.1(3a)EC1', '12.1(3a)EC',
  '12.1(2)EC1', '12.1(2)EC',
  # 12.1E
  '12.1(27b)E3', '12.1(27b)E2', '12.1(27b)E1', '12.1(27b)E',
  '12.1(26)E9', '12.1(26)E8', '12.1(26)E7', '12.1(26)E6', '12.1(26)E5',
  '12.1(26)E4', '12.1(26)E3', '12.1(26)E2', '12.1(26)E1', '12.1(26)E',
  '12.1(23)E4', '12.1(23)E3', '12.1(23)E2', '12.1(23)E1', '12.1(23)E',
  '12.1(22)E6', '12.1(22)E5', '12.1(22)E4', '12.1(22)E3', '12.1(22)E2',
  '12.1(22)E1', '12.1(22)E',
  '12.1(20)E6', '12.1(20)E5', '12.1(20)E4', '12.1(20)E3', '12.1(20)E2',
  '12.1(20)E1', '12.1(20)E',
  '12.1(19)E7', '12.1(19)E6', '12.1(19)E4', '12.1(19)E3', '12.1(19)E2',
  '12.1(19)E1', '12.1(19)E',
  '12.1(14)E7', '12.1(14)E6', '12.1(14)E5', '12.1(14)E4', '12.1(14)E3',
  '12.1(14)E2', '12.1(14)E10', '12.1(14)E1', '12.1(14)E',
  '12.1(13)E9', '12.1(13)E8', '12.1(13)E7', '12.1(13)E6', '12.1(13)E5',
  '12.1(13)E4', '12.1(13)E3', '12.1(13)E2', '12.1(13)E17', '12.1(13)E16',
  '12.1(13)E15', '12.1(13)E14', '12.1(13)E13', '12.1(13)E12', '12.1(13)E11',
  '12.1(13)E10', '12.1(13)E1', '12.1(13)E',
  '12.1(12c)E6', '12.1(12c)E5', '12.1(12c)E4', '12.1(12c)E2', '12.1(12c)E1',
  '12.1(12c)E',
  '12.1(11b)E7', '12.1(11b)E4', '12.1(11b)E3', '12.1(11b)E2', '12.1(11b)E14',
  '12.1(11b)E12', '12.1(11b)E11', '12.1(11b)E10', '12.1(11b)E1',
  '12.1(11b)E0a', '12.1(11b)E',
  '12.1(10)E8', '12.1(10)E7', '12.1(10)E6a', '12.1(10)E6', '12.1(10)E5',
  '12.1(10)E4', '12.1(10)E3', '12.1(10)E2', '12.1(10)E1', '12.1(10)E',
  '12.1(9)E3', '12.1(9)E2', '12.1(9)E1', '12.1(9)E',
  '12.1(8b)E9', '12.1(8b)E8', '12.1(8b)E7', '12.1(8b)E6', '12.1(8b)E20',
  '12.1(8b)E19', '12.1(8b)E18', '12.1(8b)E15', '12.1(8b)E14', '12.1(8b)E13',
  '12.1(8b)E12', '12.1(8b)E11', '12.1(8b)E10',
  '12.1(8a)E5', '12.1(8a)E4', '12.1(8a)E3', '12.1(8a)E2', '12.1(8a)E1',
  '12.1(8a)E',
  '12.1(7a)E6', '12.1(7a)E5', '12.1(7a)E4', '12.1(7a)E3', '12.1(7a)E2',
  '12.1(7a)E1a', '12.1(7a)E1',
  '12.1(7)E0a', '12.1(7)E',
  '12.1(6)E8', '12.1(6)E6', '12.1(6)E5', '12.1(6)E4', '12.1(6)E3',
  '12.1(6)E2', '12.1(6)E13', '12.1(6)E1', '12.1(6)E',
  '12.1(5c)E9', '12.1(5c)E8', '12.1(5c)E12', '12.1(5c)E10',
  '12.1(5b)E7',
  '12.1(5a)E4', '12.1(5a)E3', '12.1(5a)E2', '12.1(5a)E1', '12.1(5a)E',
  '12.1(4)E3', '12.1(4)E1', '12.1(4)E',
  '12.1(3a)E8', '12.1(3a)E7', '12.1(3a)E6', '12.1(3a)E5', '12.1(3a)E4',
  '12.1(3a)E3', '12.1(3a)E1', '12.1(3a)E',
  '12.1(2)E2', '12.1(2)E1', '12.1(2)E',
  '12.1(1)E6', '12.1(1)E5', '12.1(1)E4', '12.1(1)E3', '12.1(1)E2',
  '12.1(1)E1', '12.1(1)E',
  # 12.1DC
  '12.1(5)DC3', '12.1(5)DC2', '12.1(5)DC1', '12.1(5)DC',
  # 12.0XE
  '12.0(7)XE1', '12.0(5)XE7', '12.0(5)XE6', '12.0(5)XE5'
);

# At most one entry can equal the running version, so stop at the first hit.
foreach vpdn_candidate (vpdn_affected_versions)
{
  if (version == vpdn_candidate)
  {
    flag++;
    break;
  }
}

# Configuration gate.
#
# Runs only when local checks are enabled and the version matched. Without
# local checks the version match alone decides the verdict.
#
# Two stages, each re-reading "show running-config":
#   1. VPDN must be enabled ("vpdn enable").
#   2. PPTP must be an accepted protocol ("protocol any" or "protocol pptp").
#
# Outcomes when the configuration cannot be used:
#   - cisco_needs_enable(buf) is true: the host stays flagged and `override`
#     is set, which is later passed to cisco_caveat() for the report.
#   - neither helper accepts the output: `flag` stays 0 and the host is
#     reported as not affected although the configuration was not inspected.
#     NOTE(review): confirm that this silent clean result is intended.
#
# NOTE(review): the three patterns are unanchored, so they match anywhere in
# a line, e.g. inside "no vpdn enable" or free text such as a description.
# That errs toward reporting; anchoring to the start of the command would
# cut false positives but needs testing against real configurations.
if (get_kb_item("Host/local_checks_enabled") && flag)
{
  # Stage 1: is VPDN switched on at all?
  flag = 0;
  buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
  if (!check_cisco_result(buf))
  {
    if (cisco_needs_enable(buf)) { flag = 1; override = 1; }
  }
  else if (preg(pattern:"vpdn enable", multiline:TRUE, string:buf)) flag = 1;

  # Stage 2: is PPTP (or any protocol) accepted?
  if (flag)
  {
    flag = 0;
    buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
    if (!check_cisco_result(buf))
    {
      if (cisco_needs_enable(buf)) { flag = 1; override = 1; }
    }
    else if (
      preg(pattern:"protocol any", multiline:TRUE, string:buf) ||
      preg(pattern:"protocol pptp", multiline:TRUE, string:buf)
    ) flag = 1;
  }
}

# Verdict: either audit the host as not affected, or raise the finding on
# port 0 with the caveat text derived from `override`.
if (!flag) audit(AUDIT_HOST_NOT, "affected");
else
{
  security_hole(port:0, extra:cisco_caveat(override));
  exit(0);
}
Vendor | Product | Version | CPE
cisco | ios | (not listed) | cpe:/o:cisco:ios

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.021 Low

EPSS

Percentile

89.3%
