Lucene search
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-SPLITDNS-SPWQPDGW-IOSXE.NASLHistoryOct 05, 2020 - 12:00 a.m.
Cisco IOS XE Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)
2020-10-0500:00:00
This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
26
According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability as the Split DNS feature’s regular expression (regex) engine may time out when processing the DNS name list configuration. An unauthenticated, remote attacker could cause an affected device to reload, resulting in a denial of service.
Please see the included Cisco BID and Cisco Security Advisory for more information.
#TRUSTED 3bbb38fce7b4a81797aa72fc9e2f33a9184077d264c5a8cd29b15794915070d60973cc20bd1214949e1ed0d35cfe6607598fa41d91a4ed9a97503440094640934fa4af4bbf89b2d1cc943f416e9738539bbaa6b40c02f9eb10d710da1168a8411d1f8273c0e5e6d5bb40666f4cb58d510653261de51df94a3b2e815cd0f7fd77f991e093d5e479224b9adc97234e67f60905d5903f3670e325e7e7ac160ad34114be611b8a95d36f410d1000a50ba198c9136ac96fdac8681f93162aef0e3990b175e09194d580cd4d87f7a59fcf75d36f61a02cdb5f7d20b4453211aa51709dd37e67ebbb1eac95c695862a64a31da7e3511551a538805c9218f41eb7f9fcafee6df7eeac7a2fd4ac29f77939fcbcb25faabf0ae3605d0429f2127c31a1a1737003e96312c22a179feae9d6132381da1354512c336dba482d98781565b2d74fe26434d7e3fb13a31873633cb68b39b9bf59bd08b38654167859af4ceb82c8dc328aaa3a5f2d070426d85e213d1df323818d402471ee7580c010679239a5b7bba8cdb222b090c5a895332400d9bf830cd5491c9e02d30faa95bc7c418cbef1f528b406ce1925903760560476027ff1263182426fec8136b95d8d3014c75052589ae2440044b639969f4402c2904dca31ffeb84ea2288aea17edbdc6387ad97c52efb38099d57faf278ddb6eebab0641d7ee770dd69217fe52769778c6944b621
#TRUST-RSA-SHA256 45d4ce9ee9b8e3cbc993ca4c2b077d13f2396dcb713c607166aedabdc2fce22154cc754b6abc84cddbca242ee7d0671565e89e90994b9265e7ad575ceb55fb09c46046dae9916bf1eae5052c1000b7f305d27add3e5f67c126044b633ffb2d5c23a66caca9cb5592bd714a18bffec9141df3c41eb63c59502a223bb31a3ae5ac6d3916d5e13fe8cb48d2eeaa699a80dc92518048f7e89479e876451edb144a32c563cf375ce8a5d441c339eca584c8750ea8632d52f2456dd5886f0bcff183533286af55fe8e8339201e867245d80dfaf62a5f22bdcd2d17c1976421a66f6caa777a2dbbcc0d505809b76d667751540367ba35be82abd63fc8b80e35b76a221651a729b73985cb5d65873e5f58d22a574b701f44a07c4c2538eb121fff78bb3d9cf3edd2f0e207162f89fb46208f41551895316e4e1dc895461bb4f408916a1ae1f21ee8feaeacd2d08327178fe5cc7487effe8b305e538e3ffd6b67904d9b000d479da046c79e4e25ff6716cabb61d0897b62eb1fc9c52b0eecf0b115c327b15c58a4f6db4fedf205d74f6f78e8a4a7f573df578411efbce9c1c19ccbc6d5ee95095407f4cddfcdf2c7b965d3c4e07ee1402ff418a18d01c800ba707e8d951206c93c75305899e2f139589148fd72b3674b40737ebe44c7ad63fcee65102b1098a6411054e34f8bd4a9a3096a70114fd2c1242aaf764fc929d97c44ad37de2e
##
# (C) Tenable Network Security, Inc.
##
include('compat.inc');
if (description)
{
script_id(141171);
script_version("1.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/28");
script_cve_id("CVE-2020-3408");
script_xref(name:"CISCO-BUG-ID", value:"CSCvt78186");
script_xref(name:"CISCO-SA", value:"cisco-sa-splitdns-SPWqpdGW");
script_xref(name:"IAVA", value:"2020-A-0439-S");
script_name(english:"Cisco IOS XE Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability
as the Split DNS feature's regular expression (regex) engine may time out when processing the DNS name list
configuration. An unauthenticated, remote attacker could cause an affected device to reload, resulting in a denial of
service.
Please see the included Cisco BID and Cisco Security Advisory for more information.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-splitdns-SPWqpdGW
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a2f37dff");
script_set_attribute(attribute:"see_also", value:"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74268");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt78186");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvt78186");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-3408");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_cwe_id(185);
script_set_attribute(attribute:"vuln_publication_date", value:"2020/09/24");
script_set_attribute(attribute:"patch_publication_date", value:"2020/09/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/10/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_xe_version.nasl");
script_require_keys("Host/Cisco/IOS-XE/Version");
exit(0);
}
include('ccf.inc');
include('cisco_workarounds.inc');
product_info = cisco::get_product_info(name:'Cisco IOS XE Software');
vuln_versions = make_list(
'16.10.1',
'16.10.1a',
'16.10.1b',
'16.10.1c',
'16.10.1d',
'16.10.1e',
'16.10.1f',
'16.10.1g',
'16.10.1s',
'16.10.2',
'16.10.3',
'16.11.1',
'16.11.1a',
'16.11.1b',
'16.11.1c',
'16.11.1s',
'16.11.2',
'16.12.1',
'16.12.1a',
'16.12.1c',
'16.12.1s',
'16.12.1t',
'16.12.1w',
'16.12.1x',
'16.12.1y',
'16.12.2',
'16.12.2a',
'16.12.2s',
'16.12.2t',
'16.12.3',
'16.12.3a',
'16.12.3s',
'16.5.2',
'16.5.3',
'16.6.2',
'16.6.3',
'16.6.4',
'16.6.4a',
'16.6.4s',
'16.6.5',
'16.6.5a',
'16.6.5b',
'16.6.6',
'16.6.7',
'16.6.7a',
'16.6.8',
'16.7.1',
'16.7.1a',
'16.7.1b',
'16.7.2',
'16.7.3',
'16.7.4',
'16.8.1',
'16.8.1a',
'16.8.1b',
'16.8.1c',
'16.8.1d',
'16.8.1e',
'16.8.1s',
'16.8.2',
'16.8.3',
'16.9.1',
'16.9.1a',
'16.9.1b',
'16.9.1c',
'16.9.1d',
'16.9.1s',
'16.9.2',
'16.9.2a',
'16.9.2s',
'16.9.3',
'16.9.3a',
'16.9.3h',
'16.9.3s',
'16.9.4',
'16.9.4c',
'16.9.5',
'16.9.5f',
'17.1.1',
'17.1.1a',
'17.1.1s',
'17.1.1t',
'17.1.2',
'17.2.1',
'17.2.1a',
'17.2.1r',
'17.2.1t',
'17.2.1v'
);
workarounds = make_list(CISCO_WORKAROUNDS['ip_dns_split_dns']);
reporting = make_array(
'port' , product_info['port'],
'severity' , SECURITY_HOLE,
'version' , product_info['version'],
'bug_id' , 'CSCvt78186',
'cmds' , make_list('show running-config | section ip dns')
);
cisco::check_and_report(
product_info:product_info,
vuln_versions:vuln_versions,
workarounds:workarounds,
reporting:reporting
);
Related
nessus
nessus
Cisco IOS Software Split DNS DoS (cisco-sa-splitdns-SPWqpdGW)
2020-10-05 00:00:00
prion
prion
Race condition
2020-09-24 18:15:00
cve
cve
CVE-2020-3408
2020-09-24 18:15:00
cisco
cisco
Cisco IOS and IOS XE Software Split DNS Denial of Service Vulnerability
2020-09-24 16:00:00
Related for CISCO-SA-SPLITDNS-SPWQPDGW-IOSXE.NASL