Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)
2013-07-08T00:00:00
ID CISCO-SA-20120926-ECC.NASL Type nessus Reporter Tenable Modified 2018-11-15T00:00:00
Description
The Catalyst 4500E series switch with Supervisor Engine 7L-E contains
a denial of service (DoS) vulnerability when processing specially
crafted packets that can cause a reload of the device. Cisco has
released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available.
#TRUSTED 2ea34e7934cf76c39adcabd306a59ee62ad55b191f7da5e90d0189eb11d7225c6c7060562c48a249c04b50387ccb325204a6f4161915305ee9d971503c24a34b2d6da36d3a96000efa125e16fe85ecdc7da7a33c4ffd6e6b36d7ead15e6c040cf9716096a0730ef41c9a6ed07566d46db6da0e35a825d09fd1a94853c0f3058feb1e38e5d41b962eb396e7396b455a3b1e908367a0d1e75732c95848fbe82ed4bd746c27c263b5ba224aa4e59bd5c0310175f6ab1e500cbe7f9b559bee31b5978e9b4d01c786a7a2ac8b33fc350f1ae18d519e40dac18f11c63cb5827af5c2c713a18993a8a9e09a346259a5ce870cf389ba37bb177b54d9f1a51a04fb5c6f326467f05f56e8c63dcfa057a18060a6b37bb01d83226e1f7e6b6b1ff0e256966c473b5bcce58345d6efaa1484e404a5d96ab70c200189c4a89b7136cd223ca603c335690c066f840f11baf70e636f177a9375778cae35139c505b72b1697d6acbe2e2adf6dbebc34c51706a5b0a544747e148f8b2cb948f14c6e3ff41554ea9150907a2684e5422089dfb2813d35de4ea1d3c91c87252c51b15f3e54e3f8f459d8af13eb8b026fecbc3b0a3bcfa2a54f21d1c6afc7cfe36a9931939379eb96bf5b045c10a82380fb5917e4904f0cf36cf78343addaf3ea34811fb2d6e0e153fa058a8332b7d019bc1ca0443ee9a78aba35d36d777710d99201e6329b0678ab841
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.
# The text itself is copyright (C) Cisco
#
if (NASL_LEVEL < 3000) exit(0);
include("compat.inc");
if (description)
{
script_id(67204);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15");
script_cve_id("CVE-2012-4622");
script_bugtraq_id(55701);
script_xref(name:"CISCO-BUG-ID", value:"CSCty88456");
script_xref(name:"CISCO-SA", value:"cisco-sa-20120926-ecc");
script_xref(name:"IAVA", value:"2012-A-0154");
script_name(english:"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)");
script_summary(english:"Checks the IOS version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains
a denial of service (DoS) vulnerability when processing specially
crafted packets that can cause a reload of the device. Cisco has
released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available."
);
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?3693a5e7"
);
script_set_attribute(
attribute:"solution",
value:
"Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20120926-ecc."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/26");
script_set_attribute(attribute:"patch_publication_date", value:"2012/09/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/08");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
script_family(english:"CISCO");
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
flag = 0;
override = 0;
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
if ( version == '15.0(2)XO' ) flag++;
if (get_kb_item("Host/local_checks_enabled"))
{
if (flag)
{
flag = 0;
buf = cisco_command_kb_item("Host/Cisco/Config/show_module", "show module");
if (check_cisco_result(buf))
{
if (preg(pattern:"WS-X45-SUP7L-E ", multiline:TRUE, string:buf)) { flag = 1; }
} else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }
}
}
if (flag)
{
security_hole(port:0, extra:cisco_caveat(override));
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "CISCO-SA-20120926-ECC.NASL", "bulletinFamily": "scanner", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)", "description": "The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.", "published": "2013-07-08T00:00:00", "modified": "2018-11-15T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67204", "reporter": "Tenable", "references": ["http://www.nessus.org/u?3693a5e7"], "cvelist": ["CVE-2012-4622"], "type": "nessus", "lastseen": "2019-01-16T20:16:20", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:cisco:ios"], "cvelist": ["CVE-2012-4622"], "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "8fdb16153c4f809e4b1fc09e38af816fbe335e505c8e9210245de67abd439ad6", "hashmap": [{"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "adc2f4c69c3585696a7f610c8f747249", "key": "pluginID"}, {"hash": "a57d1846ce7b84a2d5b2b17cef0e0f90", "key": "description"}, {"hash": "9d4ec3bc274414c5dfdd7488d4d95f7b", "key": "modified"}, {"hash": "792cc5e372c2043abc30263c62610b62", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "16d10a195fe025211bc8df89d042c8dc", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "4c0f81f0b9aa3880636314c934540895", "key": "references"}, {"hash": "de60d2d4940eb3e8caa51eab854c6a54", "key": "cvelist"}, {"hash": "6ee327bd150608319df96db37c5f0fd0", "key": "sourceData"}, {"hash": "d2978294286cb4df963b6dd63846264e", "key": "published"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "e2401bfc32a37fbc3ee15335f35521c0", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67204", "id": "CISCO-SA-20120926-ECC.NASL", "lastseen": "2018-07-07T02:21:42", "modified": "2018-07-06T00:00:00", "naslFamily": "CISCO", "objectVersion": "1.3", "pluginID": "67204", "published": "2013-07-08T00:00:00", "references": ["http://www.nessus.org/u?ca6933a5"], "reporter": "Tenable", "sourceData": "#TRUSTED 4d7607caf90ea86cb30c0fc0791ba7d650290f81918cc0e2a1de73a25f2b62dd18530421c284bab198806da9fec72d03e5a959cdfe2a4a333ac02d071681b13379b2465a1afa36860f8ee41c2d812c951a556d4928c1d74bae234ec16e69122b0c859cfd95ed6be1600a883a401c9e3408f3aaeed485fbea54372a6af55ad69644419d0f5e9433df1256615416045a52e57a249735320f9e8663909fabe8b2f868d7f1f2850b0eb655accd8c9beece56e23d59a5552f7cfd0793ce65e024702649ffc8f5ff77ead80ec3adb202ba00c4c8d2952eb395082de98c1d7897a11cae46b3be730a57a362d8cafe2daf9bb9d9ba39dbac307680144d367be2a72951d21191aaffa8f42a15c19bf4c8ae4ad523c1d0261e6516d74528f9c60910a08f6f05ebbd0358d4f35d14217f13d92808d0927d5d176f1662b753fae248b620b0125f71aff4088c70516f1e744ecd7502fc4397040f5c0aa812bd84ec55db64ee0966e3a19a43aebfb9147a95a41b711a6686db31cd4d7b548bfa75dfdd956dbe7fc3584d80e41eac66d3dda3d2724754104c07916646be5d8064eedbc1012d715834ac5b9319bd1118c213104dfad4c45229f3f4fb1a6a969191406ab251b2472f5cb3fa4fcdca797b8ec5829a70fa5b1b651218c3a8315a3a25fbbf57b79193c9ac703b524bfa19e3510213f731ce53f305b8a986ca1a4a58fc05581080147f55\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.\n# The text itself is copyright (C) Cisco\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67204);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2018/07/06\");\n\n script_cve_id(\"CVE-2012-4622\");\n script_bugtraq_id(55701);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCty88456\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120926-ecc\");\n script_xref(name:\"IAVA\", value:\"2012-A-0154\");\n\n script_name(english:\"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.\"\n );\n # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca6933a5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120926-ecc.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/08\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\nif ( version == '15.0(2)XO' ) flag++;\n\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n\n if (flag)\n {\n flag = 0;\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_module\", \"show module\");\n if (check_cisco_result(buf))\n {\n if (preg(pattern:\"WS-X45-SUP7L-E \", multiline:TRUE, string:buf)) { flag = 1; }\n } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }\n }\n}\n\n\nif (flag)\n{\n security_hole(port:0, extra:cisco_caveat(override));\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-07-07T02:21:42"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2012-4622"], "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.", "edition": 1, "enchantments": {}, "hash": "cdf762757732e75997458256861654d642baef75f7a8e62e037dd2652eb3fda7", "hashmap": [{"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "adc2f4c69c3585696a7f610c8f747249", "key": "pluginID"}, {"hash": "a57d1846ce7b84a2d5b2b17cef0e0f90", "key": "description"}, {"hash": "792cc5e372c2043abc30263c62610b62", "key": "title"}, {"hash": "b7bb3958fcb7c6d1c5648300536098f2", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "16d10a195fe025211bc8df89d042c8dc", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "4c0f81f0b9aa3880636314c934540895", "key": "references"}, {"hash": "3549c7577835b805c98e79c714edc554", "key": "modified"}, {"hash": "de60d2d4940eb3e8caa51eab854c6a54", "key": "cvelist"}, {"hash": "d2978294286cb4df963b6dd63846264e", "key": "published"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67204", "id": "CISCO-SA-20120926-ECC.NASL", "lastseen": "2016-09-26T17:26:36", "modified": "2014-07-03T00:00:00", "naslFamily": "CISCO", "objectVersion": "1.2", "pluginID": "67204", "published": "2013-07-08T00:00:00", "references": ["http://www.nessus.org/u?ca6933a5"], "reporter": "Tenable", "sourceData": "#TRUSTED 8113c2cd04895031da8414e26de797b3951bee3340fbaea8dfa152bcab48e0c385adb659834a8004bc5ce16bdcd4a0e82d10e249e841cc2247decd02a87480ef16defe5dd5e38857cba8561fbcd74c9210749854ad778b031cb73e74d240cba066ddc6eee5606e2d11411f5044a73c50ef1eeb789612cfd7ae22d25c0b1bd5332a3f4416d1cef3fa5e653af7491074a04e67962718c2c8dbad4745a535cc0c016d46393173a61f3cd3a668481b19dc9e17dd28edcd2c9bda5073f1bd0325e38ed9806b42fa5d6d63b308b05606bde82cf203e735a454d7c301943de145a314724a1ad73524de64543dbce7661b3777078899d51b5a4419808f489915d0a8ec765b37b0191c31d6fddfef4d2fbbd4c2d579ceadb1fc8de19f6480edef4999b82233f53bef6357737f8cd4c5d2c1d0bf029076a082524fcf7078a50910c5e57d00b613c2becb2b6abeb5753c37d4a654c7ca1fa435a3dbb607f40be346eb730c1eccde1b808031a984de6b1ee98877b8741771336e154d3f9bba9b04c81a9f59a49036a43f874a7ec92a903105ceacbc4447ba7f562e3fd8af2c447b88f48875748bc30fc69ed11a53f51f32a023933e680520ec2cec63d5183d10075b7059b6e4cd0abe734da51dca59b93758714ae02d9e0a78970b332db74861e05050ce7c613a326d8fe95f14e54ea482b3a9af2282c06e128b23cc7e173c591969128efb79\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.\n# The text itself is copyright (C) Cisco\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67204);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2014/07/03\");\n\n script_cve_id(\"CVE-2012-4622\");\n script_bugtraq_id(55701);\n script_osvdb_id(85821);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCty88456\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120926-ecc\");\n script_xref(name:\"IAVA\", value:\"2012-A-0154\");\n\n script_name(english:\"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.\"\n );\n # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca6933a5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120926-ecc.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/08\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\nif ( version == '15.0(2)XO' ) flag++;\n\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n\n if (flag)\n {\n flag = 0;\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_module\", \"show module\");\n if (check_cisco_result(buf))\n {\n if (preg(pattern:\"WS-X45-SUP7L-E \", multiline:TRUE, string:buf)) { flag = 1; }\n } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }\n }\n}\n\n\nif (flag)\n{\n security_hole(port:0, extra:cisco_caveat(override));\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:36"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:cisco:ios"], "cvelist": ["CVE-2012-4622"], "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "8fdb16153c4f809e4b1fc09e38af816fbe335e505c8e9210245de67abd439ad6", "hashmap": [{"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "adc2f4c69c3585696a7f610c8f747249", "key": "pluginID"}, {"hash": "a57d1846ce7b84a2d5b2b17cef0e0f90", "key": "description"}, {"hash": "9d4ec3bc274414c5dfdd7488d4d95f7b", "key": "modified"}, {"hash": "792cc5e372c2043abc30263c62610b62", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "16d10a195fe025211bc8df89d042c8dc", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "4c0f81f0b9aa3880636314c934540895", "key": "references"}, {"hash": "de60d2d4940eb3e8caa51eab854c6a54", "key": "cvelist"}, {"hash": "6ee327bd150608319df96db37c5f0fd0", "key": "sourceData"}, {"hash": "d2978294286cb4df963b6dd63846264e", "key": "published"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "e2401bfc32a37fbc3ee15335f35521c0", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67204", "id": "CISCO-SA-20120926-ECC.NASL", "lastseen": "2018-09-02T00:09:05", "modified": "2018-07-06T00:00:00", "naslFamily": "CISCO", "objectVersion": "1.3", "pluginID": "67204", "published": "2013-07-08T00:00:00", "references": ["http://www.nessus.org/u?ca6933a5"], "reporter": "Tenable", "sourceData": "#TRUSTED 4d7607caf90ea86cb30c0fc0791ba7d650290f81918cc0e2a1de73a25f2b62dd18530421c284bab198806da9fec72d03e5a959cdfe2a4a333ac02d071681b13379b2465a1afa36860f8ee41c2d812c951a556d4928c1d74bae234ec16e69122b0c859cfd95ed6be1600a883a401c9e3408f3aaeed485fbea54372a6af55ad69644419d0f5e9433df1256615416045a52e57a249735320f9e8663909fabe8b2f868d7f1f2850b0eb655accd8c9beece56e23d59a5552f7cfd0793ce65e024702649ffc8f5ff77ead80ec3adb202ba00c4c8d2952eb395082de98c1d7897a11cae46b3be730a57a362d8cafe2daf9bb9d9ba39dbac307680144d367be2a72951d21191aaffa8f42a15c19bf4c8ae4ad523c1d0261e6516d74528f9c60910a08f6f05ebbd0358d4f35d14217f13d92808d0927d5d176f1662b753fae248b620b0125f71aff4088c70516f1e744ecd7502fc4397040f5c0aa812bd84ec55db64ee0966e3a19a43aebfb9147a95a41b711a6686db31cd4d7b548bfa75dfdd956dbe7fc3584d80e41eac66d3dda3d2724754104c07916646be5d8064eedbc1012d715834ac5b9319bd1118c213104dfad4c45229f3f4fb1a6a969191406ab251b2472f5cb3fa4fcdca797b8ec5829a70fa5b1b651218c3a8315a3a25fbbf57b79193c9ac703b524bfa19e3510213f731ce53f305b8a986ca1a4a58fc05581080147f55\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.\n# The text itself is copyright (C) Cisco\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67204);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2018/07/06\");\n\n script_cve_id(\"CVE-2012-4622\");\n script_bugtraq_id(55701);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCty88456\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120926-ecc\");\n script_xref(name:\"IAVA\", value:\"2012-A-0154\");\n\n script_name(english:\"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.\"\n );\n # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca6933a5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120926-ecc.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/08\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\nif ( version == '15.0(2)XO' ) flag++;\n\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n\n if (flag)\n {\n flag = 0;\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_module\", \"show module\");\n if (check_cisco_result(buf))\n {\n if (preg(pattern:\"WS-X45-SUP7L-E \", multiline:TRUE, string:buf)) { flag = 1; }\n } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }\n }\n}\n\n\nif (flag)\n{\n security_hole(port:0, extra:cisco_caveat(override));\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)", "type": "nessus", "viewCount": 1}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-02T00:09:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:cisco:ios"], "cvelist": ["CVE-2012-4622"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "216ebc3569e0cf5458fca64e7201ad4916d97bc050448cdf828e559cdf611fc2", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "adc2f4c69c3585696a7f610c8f747249", "key": "pluginID"}, {"hash": "a57d1846ce7b84a2d5b2b17cef0e0f90", "key": "description"}, {"hash": "9d4ec3bc274414c5dfdd7488d4d95f7b", "key": "modified"}, {"hash": "792cc5e372c2043abc30263c62610b62", "key": "title"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "16d10a195fe025211bc8df89d042c8dc", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "4c0f81f0b9aa3880636314c934540895", "key": "references"}, {"hash": "de60d2d4940eb3e8caa51eab854c6a54", "key": "cvelist"}, {"hash": "6ee327bd150608319df96db37c5f0fd0", "key": "sourceData"}, {"hash": "d2978294286cb4df963b6dd63846264e", "key": "published"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "e2401bfc32a37fbc3ee15335f35521c0", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67204", "id": "CISCO-SA-20120926-ECC.NASL", "lastseen": "2018-08-30T19:57:24", "modified": "2018-07-06T00:00:00", "naslFamily": "CISCO", "objectVersion": "1.3", "pluginID": "67204", "published": "2013-07-08T00:00:00", "references": ["http://www.nessus.org/u?ca6933a5"], "reporter": "Tenable", "sourceData": "#TRUSTED 4d7607caf90ea86cb30c0fc0791ba7d650290f81918cc0e2a1de73a25f2b62dd18530421c284bab198806da9fec72d03e5a959cdfe2a4a333ac02d071681b13379b2465a1afa36860f8ee41c2d812c951a556d4928c1d74bae234ec16e69122b0c859cfd95ed6be1600a883a401c9e3408f3aaeed485fbea54372a6af55ad69644419d0f5e9433df1256615416045a52e57a249735320f9e8663909fabe8b2f868d7f1f2850b0eb655accd8c9beece56e23d59a5552f7cfd0793ce65e024702649ffc8f5ff77ead80ec3adb202ba00c4c8d2952eb395082de98c1d7897a11cae46b3be730a57a362d8cafe2daf9bb9d9ba39dbac307680144d367be2a72951d21191aaffa8f42a15c19bf4c8ae4ad523c1d0261e6516d74528f9c60910a08f6f05ebbd0358d4f35d14217f13d92808d0927d5d176f1662b753fae248b620b0125f71aff4088c70516f1e744ecd7502fc4397040f5c0aa812bd84ec55db64ee0966e3a19a43aebfb9147a95a41b711a6686db31cd4d7b548bfa75dfdd956dbe7fc3584d80e41eac66d3dda3d2724754104c07916646be5d8064eedbc1012d715834ac5b9319bd1118c213104dfad4c45229f3f4fb1a6a969191406ab251b2472f5cb3fa4fcdca797b8ec5829a70fa5b1b651218c3a8315a3a25fbbf57b79193c9ac703b524bfa19e3510213f731ce53f305b8a986ca1a4a58fc05581080147f55\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.\n# The text itself is copyright (C) Cisco\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67204);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2018/07/06\");\n\n script_cve_id(\"CVE-2012-4622\");\n script_bugtraq_id(55701);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCty88456\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120926-ecc\");\n script_xref(name:\"IAVA\", value:\"2012-A-0154\");\n\n script_name(english:\"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.\"\n );\n # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca6933a5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120926-ecc.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/08\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\nif ( version == '15.0(2)XO' ) flag++;\n\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n\n if (flag)\n {\n flag = 0;\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_module\", \"show module\");\n if (check_cisco_result(buf))\n {\n if (preg(pattern:\"WS-X45-SUP7L-E \", multiline:TRUE, string:buf)) { flag = 1; }\n } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }\n }\n}\n\n\nif (flag)\n{\n security_hole(port:0, extra:cisco_caveat(override));\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:57:24"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:cisco:ios"], "cvelist": ["CVE-2012-4622"], "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "22ac9cc6dfb4df7a60e526d91aff75079ec1aef3d215655ac1bf2301f0aa2412", "hashmap": [{"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "adc2f4c69c3585696a7f610c8f747249", "key": "pluginID"}, {"hash": "a57d1846ce7b84a2d5b2b17cef0e0f90", "key": "description"}, {"hash": "792cc5e372c2043abc30263c62610b62", "key": "title"}, {"hash": "b7bb3958fcb7c6d1c5648300536098f2", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "16d10a195fe025211bc8df89d042c8dc", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "4c0f81f0b9aa3880636314c934540895", "key": "references"}, {"hash": "3549c7577835b805c98e79c714edc554", "key": "modified"}, {"hash": "de60d2d4940eb3e8caa51eab854c6a54", "key": "cvelist"}, {"hash": "d2978294286cb4df963b6dd63846264e", "key": "published"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "e2401bfc32a37fbc3ee15335f35521c0", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67204", "id": "CISCO-SA-20120926-ECC.NASL", "lastseen": "2017-10-29T13:45:23", "modified": "2014-07-03T00:00:00", "naslFamily": "CISCO", "objectVersion": "1.3", "pluginID": "67204", "published": "2013-07-08T00:00:00", "references": ["http://www.nessus.org/u?ca6933a5"], "reporter": "Tenable", "sourceData": "#TRUSTED 8113c2cd04895031da8414e26de797b3951bee3340fbaea8dfa152bcab48e0c385adb659834a8004bc5ce16bdcd4a0e82d10e249e841cc2247decd02a87480ef16defe5dd5e38857cba8561fbcd74c9210749854ad778b031cb73e74d240cba066ddc6eee5606e2d11411f5044a73c50ef1eeb789612cfd7ae22d25c0b1bd5332a3f4416d1cef3fa5e653af7491074a04e67962718c2c8dbad4745a535cc0c016d46393173a61f3cd3a668481b19dc9e17dd28edcd2c9bda5073f1bd0325e38ed9806b42fa5d6d63b308b05606bde82cf203e735a454d7c301943de145a314724a1ad73524de64543dbce7661b3777078899d51b5a4419808f489915d0a8ec765b37b0191c31d6fddfef4d2fbbd4c2d579ceadb1fc8de19f6480edef4999b82233f53bef6357737f8cd4c5d2c1d0bf029076a082524fcf7078a50910c5e57d00b613c2becb2b6abeb5753c37d4a654c7ca1fa435a3dbb607f40be346eb730c1eccde1b808031a984de6b1ee98877b8741771336e154d3f9bba9b04c81a9f59a49036a43f874a7ec92a903105ceacbc4447ba7f562e3fd8af2c447b88f48875748bc30fc69ed11a53f51f32a023933e680520ec2cec63d5183d10075b7059b6e4cd0abe734da51dca59b93758714ae02d9e0a78970b332db74861e05050ce7c613a326d8fe95f14e54ea482b3a9af2282c06e128b23cc7e173c591969128efb79\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.\n# The text itself is copyright (C) Cisco\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67204);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2014/07/03\");\n\n script_cve_id(\"CVE-2012-4622\");\n script_bugtraq_id(55701);\n script_osvdb_id(85821);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCty88456\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120926-ecc\");\n script_xref(name:\"IAVA\", value:\"2012-A-0154\");\n\n script_name(english:\"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.\"\n );\n # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ca6933a5\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120926-ecc.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/08\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\nif ( version == '15.0(2)XO' ) flag++;\n\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n\n if (flag)\n {\n flag = 0;\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_module\", \"show module\");\n if (check_cisco_result(buf))\n {\n if (preg(pattern:\"WS-X45-SUP7L-E \", multiline:TRUE, string:buf)) { flag = 1; }\n } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }\n }\n}\n\n\nif (flag)\n{\n security_hole(port:0, extra:cisco_caveat(override));\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:45:23"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:cisco:ios"], "cvelist": ["CVE-2012-4622"], "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.", "edition": 6, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2956f05416611b628d7821a5957ff1cd631e5c06757c97b3be6492a76cd35fa9", "hashmap": [{"hash": "cdf45bc45ec42342246b4183494d8c2d", "key": "sourceData"}, {"hash": "bf85ac661e90f76efc3e3b625164c738", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "adc2f4c69c3585696a7f610c8f747249", "key": "pluginID"}, {"hash": "a57d1846ce7b84a2d5b2b17cef0e0f90", "key": "description"}, {"hash": "015cb78ce50d3bd4e2fbe18f25603329", "key": "modified"}, {"hash": "792cc5e372c2043abc30263c62610b62", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "16d10a195fe025211bc8df89d042c8dc", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "a5e931d552f61ae922fa02ac443c3951", "key": "references"}, {"hash": "de60d2d4940eb3e8caa51eab854c6a54", "key": "cvelist"}, {"hash": "d2978294286cb4df963b6dd63846264e", "key": "published"}, {"hash": "2e9d0015563e8f6c3614c219c759934c", "key": "naslFamily"}, {"hash": "e2401bfc32a37fbc3ee15335f35521c0", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=67204", "id": "CISCO-SA-20120926-ECC.NASL", "lastseen": "2018-11-16T17:16:19", "modified": "2018-11-15T00:00:00", "naslFamily": "CISCO", "objectVersion": "1.3", "pluginID": "67204", "published": "2013-07-08T00:00:00", "references": ["http://www.nessus.org/u?3693a5e7"], "reporter": "Tenable", "sourceData": "#TRUSTED 2ea34e7934cf76c39adcabd306a59ee62ad55b191f7da5e90d0189eb11d7225c6c7060562c48a249c04b50387ccb325204a6f4161915305ee9d971503c24a34b2d6da36d3a96000efa125e16fe85ecdc7da7a33c4ffd6e6b36d7ead15e6c040cf9716096a0730ef41c9a6ed07566d46db6da0e35a825d09fd1a94853c0f3058feb1e38e5d41b962eb396e7396b455a3b1e908367a0d1e75732c95848fbe82ed4bd746c27c263b5ba224aa4e59bd5c0310175f6ab1e500cbe7f9b559bee31b5978e9b4d01c786a7a2ac8b33fc350f1ae18d519e40dac18f11c63cb5827af5c2c713a18993a8a9e09a346259a5ce870cf389ba37bb177b54d9f1a51a04fb5c6f326467f05f56e8c63dcfa057a18060a6b37bb01d83226e1f7e6b6b1ff0e256966c473b5bcce58345d6efaa1484e404a5d96ab70c200189c4a89b7136cd223ca603c335690c066f840f11baf70e636f177a9375778cae35139c505b72b1697d6acbe2e2adf6dbebc34c51706a5b0a544747e148f8b2cb948f14c6e3ff41554ea9150907a2684e5422089dfb2813d35de4ea1d3c91c87252c51b15f3e54e3f8f459d8af13eb8b026fecbc3b0a3bcfa2a54f21d1c6afc7cfe36a9931939379eb96bf5b045c10a82380fb5917e4904f0cf36cf78343addaf3ea34811fb2d6e0e153fa058a8332b7d019bc1ca0443ee9a78aba35d36d777710d99201e6329b0678ab841\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.\n# The text itself is copyright (C) Cisco\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67204);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2018/11/15\");\n\n script_cve_id(\"CVE-2012-4622\");\n script_bugtraq_id(55701);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCty88456\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120926-ecc\");\n script_xref(name:\"IAVA\", value:\"2012-A-0154\");\n\n script_name(english:\"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.\"\n );\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3693a5e7\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120926-ecc.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/08\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\nif ( version == '15.0(2)XO' ) flag++;\n\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n\n if (flag)\n {\n flag = 0;\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_module\", \"show module\");\n if (check_cisco_result(buf))\n {\n if (preg(pattern:\"WS-X45-SUP7L-E \", multiline:TRUE, string:buf)) { flag = 1; }\n } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }\n }\n}\n\n\nif (flag)\n{\n security_hole(port:0, extra:cisco_caveat(override));\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-11-16T17:16:19"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "e2401bfc32a37fbc3ee15335f35521c0"}, {"key": "cvelist", "hash": "de60d2d4940eb3e8caa51eab854c6a54"}, {"key": "cvss", "hash": "bf85ac661e90f76efc3e3b625164c738"}, {"key": "description", "hash": "8b439c9e8b76e02e4abadd6bf8248150"}, {"key": "href", "hash": "16d10a195fe025211bc8df89d042c8dc"}, {"key": "modified", "hash": "015cb78ce50d3bd4e2fbe18f25603329"}, {"key": "naslFamily", "hash": "2e9d0015563e8f6c3614c219c759934c"}, {"key": "pluginID", "hash": "adc2f4c69c3585696a7f610c8f747249"}, {"key": "published", "hash": "d2978294286cb4df963b6dd63846264e"}, {"key": "references", "hash": "a5e931d552f61ae922fa02ac443c3951"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "cdf45bc45ec42342246b4183494d8c2d"}, {"key": "title", "hash": "792cc5e372c2043abc30263c62610b62"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "2120ccbb3c55777c06a5acdff8d77c03c7af93c418b72d2fd5de88c036677197", "viewCount": 1, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-4622"]}, {"type": "cisco", "idList": ["CISCO-SA-20120926-ECC"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12603"]}], "modified": "2019-01-16T20:16:20"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#TRUSTED 2ea34e7934cf76c39adcabd306a59ee62ad55b191f7da5e90d0189eb11d7225c6c7060562c48a249c04b50387ccb325204a6f4161915305ee9d971503c24a34b2d6da36d3a96000efa125e16fe85ecdc7da7a33c4ffd6e6b36d7ead15e6c040cf9716096a0730ef41c9a6ed07566d46db6da0e35a825d09fd1a94853c0f3058feb1e38e5d41b962eb396e7396b455a3b1e908367a0d1e75732c95848fbe82ed4bd746c27c263b5ba224aa4e59bd5c0310175f6ab1e500cbe7f9b559bee31b5978e9b4d01c786a7a2ac8b33fc350f1ae18d519e40dac18f11c63cb5827af5c2c713a18993a8a9e09a346259a5ce870cf389ba37bb177b54d9f1a51a04fb5c6f326467f05f56e8c63dcfa057a18060a6b37bb01d83226e1f7e6b6b1ff0e256966c473b5bcce58345d6efaa1484e404a5d96ab70c200189c4a89b7136cd223ca603c335690c066f840f11baf70e636f177a9375778cae35139c505b72b1697d6acbe2e2adf6dbebc34c51706a5b0a544747e148f8b2cb948f14c6e3ff41554ea9150907a2684e5422089dfb2813d35de4ea1d3c91c87252c51b15f3e54e3f8f459d8af13eb8b026fecbc3b0a3bcfa2a54f21d1c6afc7cfe36a9931939379eb96bf5b045c10a82380fb5917e4904f0cf36cf78343addaf3ea34811fb2d6e0e153fa058a8332b7d019bc1ca0443ee9a78aba35d36d777710d99201e6329b0678ab841\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Cisco Security Advisory cisco-sa-20120926-ecc.\n# The text itself is copyright (C) Cisco\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67204);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2018/11/15\");\n\n script_cve_id(\"CVE-2012-4622\");\n script_bugtraq_id(55701);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCty88456\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120926-ecc\");\n script_xref(name:\"IAVA\", value:\"2012-A-0154\");\n\n script_name(english:\"Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The Catalyst 4500E series switch with Supervisor Engine 7L-E contains\na denial of service (DoS) vulnerability when processing specially\ncrafted packets that can cause a reload of the device. Cisco has\nreleased free software updates that address this vulnerability.\nWorkarounds that mitigate this vulnerability are not available.\"\n );\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3693a5e7\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120926-ecc.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/08\");\n\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"CISCO\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\n\nversion = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\nif ( version == '15.0(2)XO' ) flag++;\n\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n\n if (flag)\n {\n flag = 0;\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_module\", \"show module\");\n if (check_cisco_result(buf))\n {\n if (preg(pattern:\"WS-X45-SUP7L-E \", multiline:TRUE, string:buf)) { flag = 1; }\n } else if (cisco_needs_enable(buf)) { flag = 1; override = 1; }\n }\n}\n\n\nif (flag)\n{\n security_hole(port:0, extra:cisco_caveat(override));\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "CISCO", "pluginID": "67204", "cpe": ["cpe:/o:cisco:ios"]}
{"cve": [{"lastseen": "2017-08-29T12:17:47", "bulletinFamily": "NVD", "description": "Cisco IOS XE 03.02.00.XO.15.0(2)XO on Catalyst 4500E series switches, when a Supervisor Engine 7L-E card is installed, allows remote attackers to cause a denial of service (card reload) via malformed packets that trigger uncorrected ECC error messages, aka Bug ID CSCty88456.", "modified": "2017-08-28T21:32:20", "published": "2012-09-26T20:55:01", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4622", "id": "CVE-2012-4622", "title": "CVE-2012-4622", "type": "cve", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cisco": [{"lastseen": "2017-09-26T15:34:03", "bulletinFamily": "software", "description": "Cisco Catalyst 4500E series switches with Supervisor Engine 7L-E contain a denial of service (DoS) vulnerability that could allow an unauthenticated, remote attacker to cause the device supervisor card to reload.\n\nThe vulnerability is due to improper processing of malformed network packets. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted packets to or through the affected device. An exploit could allow the attacker to reload the affected device supervisor card, resulting in a DoS condition.\n\nThe Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device.\n\nCisco has released software updates that address this vulnerability. \n\nWorkarounds that mitigate this vulnerability are not available.\n\nThis advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc\"]\n\nNote: The September 26, 2012, Cisco IOS Software Security Advisory bundled publication includes nine Cisco Security Advisories. Eight of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the September 2012 bundled publication. \n\nIndividual publication links are in \"Cisco Event Response: Semi-Annual Cisco IOS Software Security Advisory Bundled Publication\" at the following link: \n\nhttp://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html[\"http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep12.html\"]", "modified": "2012-09-25T21:13:36", "published": "2012-09-26T16:00:00", "id": "CISCO-SA-20120926-ECC", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-ecc", "type": "cisco", "title": "Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "description": "Crash on malformed packet parsing.", "modified": "2012-10-01T00:00:00", "published": "2012-10-01T00:00:00", "id": "SECURITYVULNS:VULN:12603", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12603", "title": "Cisco Catalyst switches DoS", "type": "securityvulns", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}