Lucene search
This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.CISCO-SA-20130327-SMARTINSTALL.NASLHistoryApr 10, 2013 - 12:00 a.m.
Cisco IOS Software Smart Install Denial of Service Vulnerability (cisco-sa-20130327-smartinstall)
2013-04-1000:00:00
This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
www.tenable.com
37
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.011 Low
EPSS
Percentile
84.4%
The Smart Install client feature in Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
Affected devices that are configured as Smart Install clients are vulnerable. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that have the Smart Install client feature enabled.
#TRUSTED 4bcb6b220d012299bc48cfe01db3e50a3a486401fec33fe61b2ed1e12fba7914e15ca0ebf17fbf88dd5cc3090bc61a7b1f07a721128453a4bd76de25fc1c932e101e393769e43ec50bbd223fbf1c8c4a950ab95fb8f5365bd7cbda05f665c996a97a4bb3f5fe7ca6482678e9eb9729fa8e76cc341e04c1f277cbf39b00ad46744f9d4293fa2b0f456318831247ca8aec054a8c566620cccebe287859006e30972df6cc0fe0c7f7448d12a655fb1b5bdcd817fe905c3bc08e3a45bd3251e0e3cb55d1cde5e601fa125add9f7128a6a17ed3ca6885158c52731cf5c2d8946230ef7ec7f45ece5ba52db08cd3fcef8190f14306ced74c5daf7c3cd9ff42821d5cb6f0c79ae32b1a43026fd3087c844047272015b1e4aa8e885ebc8c8c12a19b3c35dd1ea3c87b86560c1d85cb90221ec4bc11caa83aed4120cbb40f9a65054e7ef6769f2229eb1a52620ebb357077885fa7ea4308f50a1db9490805ee5a5fdc4d122ae93a38a6ee86f14ddc370689d215e21b8165d64b076e9b3b6f0f16529414a197748e97bbac956960cc95a3f04b124e3026e2cc771782774bfda89e6f4e343a1615960099196958059c3dbaabd05af0161bda18e462ff7080c9014268f264c8429e4554ff1eed3b8402950cef394c1d80fb2c21bdd436ed2c9ee3056d1e35e433e5f74bc564325b404275eab3fd9ade00377effee6c0aa158c50e00fa782cb3
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Cisco Security Advisory cisco-sa-20130327-smartinstall.
# The text itself is copyright (C) Cisco
#
include("compat.inc");
if (description)
{
script_id(65891);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15");
script_cve_id("CVE-2013-1146");
script_bugtraq_id(58746);
script_xref(name:"TRA", value:"TRA-2013-03");
script_xref(name:"CISCO-BUG-ID", value:"CSCub55790");
script_xref(name:"CISCO-SA", value:"cisco-sa-20130327-smartinstall");
script_name(english:"Cisco IOS Software Smart Install Denial of Service Vulnerability (cisco-sa-20130327-smartinstall)");
script_summary(english:"Checks the IOS version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"The Smart Install client feature in Cisco IOS Software contains a
vulnerability that could allow an unauthenticated, remote attacker to
cause a denial of service (DoS) condition on an affected device.
Affected devices that are configured as Smart Install clients are
vulnerable. Cisco has released free software updates that address this
vulnerability. There are no workarounds for devices that have the
Smart Install client feature enabled."
);
script_set_attribute(attribute:"see_also", value:"https://www.tenable.com/security/research/tra-2013-03");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?74d7638e"
);
script_set_attribute(
attribute:"solution",
value:
"Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20130327-smartinstall."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/03/27");
script_set_attribute(attribute:"patch_publication_date", value:"2013/04/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
script_family(english:"CISCO");
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
flag = 0;
override = 0;
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
if ( version == '12.2(55)EX' ) flag++;
if ( version == '12.2(55)EX1' ) flag++;
if ( version == '12.2(55)EX2' ) flag++;
if ( version == '12.2(55)EX3' ) flag++;
if ( version == '12.2(55)EY' ) flag++;
if ( version == '12.2(55)EZ' ) flag++;
if ( version == '12.2(55)SE' ) flag++;
if ( version == '12.2(55)SE1' ) flag++;
if ( version == '12.2(55)SE2' ) flag++;
if ( version == '12.2(55)SE3' ) flag++;
if ( version == '12.2(55)SE4' ) flag++;
if ( version == '12.2(55)SE5' ) flag++;
if ( version == '12.2(55)SE6' ) flag++;
if ( version == '12.2(58)EX' ) flag++;
if ( version == '12.2(58)EY' ) flag++;
if ( version == '12.2(58)EY1' ) flag++;
if ( version == '12.2(58)EY2' ) flag++;
if ( version == '12.2(58)EZ' ) flag++;
if ( version == '12.2(58)SE' ) flag++;
if ( version == '12.2(58)SE1' ) flag++;
if ( version == '12.2(58)SE2' ) flag++;
if ( version == '15.0(1)EY' ) flag++;
if ( version == '15.0(1)EY1' ) flag++;
if ( version == '15.0(1)EY2' ) flag++;
if ( version == '15.0(1)SE' ) flag++;
if ( version == '15.0(1)SE1' ) flag++;
if ( version == '15.0(1)SE2' ) flag++;
if ( version == '15.0(1)SE3' ) flag++;
if ( version == '15.0(2)SE' ) flag++;
if ( version == '15.1(1)SG' ) flag++;
if ( version == '15.1(1)SG1' ) flag++;
if ( version == '15.1(1)SG2' ) flag++;
if ( version == '15.1(1)SY' ) flag++;
if ( version == '15.1(4)GC' ) flag++;
if ( version == '15.2(1)GC' ) flag++;
if ( version == '15.2(1)GC1' ) flag++;
if ( version == '15.2(1)GC2' ) flag++;
if ( version == '15.2(2)GC' ) flag++;
if ( version == '15.2(3)GC' ) flag++;
if ( version == '15.2(3)GCA' ) flag++;
if ( version == '15.2(3)XA' ) flag++;
if (get_kb_item("Host/local_checks_enabled"))
{
if (flag)
{
flag = 0;
buf = cisco_command_kb_item("Host/Cisco/Config/show_vstack_config", "show vstack config");
if (check_cisco_result(buf))
{
if ( (preg(multiline:TRUE, pattern:"Role:\s*[Cc]lient", string:buf)) &&
(!preg(multiline:TRUE, pattern:"Role:\s*[Cc]lient\s+\(SmartInstall disabled\)", string:buf)) ) { flag = 1; }
}
else if (cisco_needs_enable(buf)) {flag = 1; override = 1; }
}
}
if (flag)
{
report +=
'\n Cisco Bug ID : CSCub55790' +
'\n Installed release : ' + version + '/n';
security_hole(port:0, extra:report + cisco_caveat(override));
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Related
prion
prion
Code injection
2013-03-28 23:55:00
cvelist
cvelist
CVE-2013-1146
2022-10-03 16:14:47
cisco
cisco
Cisco IOS Software Smart Install Denial of Service Vulnerability
2013-03-27 16:00:00
zdi
zdi
nvd
nvd
CVE-2013-1146
2013-03-28 23:55:01
cve
cve
CVE-2013-1146
2022-10-03 16:14:47
securityvulns
securityvulns
Cisco IOS multiple security vulnerabilities
2013-04-15 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.011 Low
EPSS
Percentile
84.4%
Related for CISCO-SA-20130327-SMARTINSTALL.NASL