Cisco IPS MainApp SNMP DoS (CSCul49309)

2014-03-1400:00:00

www.tenable.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

EPSS

0.001

Percentile

41.4%

JSON

A vulnerability in Cisco IPS Software could allow an unauthenticated, remote attacker to cause the MainApp to hang intermittently due to improper handling of SNMP packets sent to the management interface.

Note that, in order to for the remote host to be affected by this issue, SNMP must be enabled. Also, SNMP v3 users without the ‘noAuth’ option enabled will need valid credentials to exploit this issue.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(73027);
  script_version("1.4");
  script_cvs_date("Date: 2019/11/26");

  script_cve_id("CVE-2014-2103");
  script_bugtraq_id(65864);
  script_xref(name:"CISCO-BUG-ID", value:"CSCul49309");
  script_xref(name:"CISCO-BUG-ID", value:"CSCum52355");

  script_name(english:"Cisco IPS MainApp SNMP DoS (CSCul49309)");
  script_summary(english:"Checks the IPS version");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"A vulnerability in Cisco IPS Software could allow an unauthenticated,
remote attacker to cause the MainApp to hang intermittently due to
improper handling of SNMP packets sent to the management interface. 

Note that, in order to for the remote host to be affected by this issue,
SNMP must be enabled.  Also, SNMP v3 users without the 'noAuth' option
enabled will need valid credentials to exploit this issue.");
  # https://tools.cisco.com/security/center/viewAlert.x?alertId=33109
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?710f1590");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodaylab.com/vulnerabilities/CVE-2014/CVE-2014-2103.html");
  script_set_attribute(attribute:"solution", value:
"Apply the relevant patch or workaround referenced in Cisco Bug Id
CSCul49309.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2103");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/03/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/14");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:intrusion_prevention_system");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_ips_version.nasl");
  script_require_keys("Host/Cisco/IPS/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

version = get_kb_item_or_exit('Host/Cisco/IPS/Version');

if (report_paranoia < 2) get_kb_item_or_exit("SNMP/port");

if (
  version =~ "^7\.0\([12](p\d)?\)E3$" ||
  version =~ "^7\.0\([2-9](a|p\d)?\)E4$" ||
  version =~ "^7\.1\([0-8](p\d)?\)E4$" ||
  version =~ "^7\.2\(1\)(p\d)?\)E4$" ||
  version == "7.2(1)V32"
)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Installed version : ' + version +
      '\n  Fixed version     : 7.2(2)E4' +
      '\n';
    security_warning(port:0, extra:report);
  }
  else security_warning(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, 'Cisco IPS', version);