Lucene search
This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SN-CVE-2014-2131-IOSXE.NASLHistoryMay 02, 2014 - 12:00 a.m.
Cisco IOS XE VSS / BDF Traffic DoS (CSCug41049 / CSCue61890)
2014-05-0200:00:00
This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
45
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.6%
The remote Cisco device is affected by a denial of service vulnerability in its packet driver code when handling Virtual Switching Systems (VSS) or Bidirectional Forwarding Detection (BFD) traffic. An unauthenticated, adjacent attacker can exploit this to cause a device reload.
Note that this issue only affects Cisco Catalyst 4000 Series switches.
#TRUSTED 2a1fd56048723c55da67b4732b7fa2f2b44c66a8da6ddad6e7614023d0ba179f2e34d04bf37105c72c6144182d99c8cb5f767698639288837655921579fff8901ea1ddf79f58a27dbae4a2d34442abaa451064741cdaf52e782ecb9803cfbf973d54f8b627cd92554349f8a8c377d8fad8455de4cbc74d442b9d57663c8e0f34004073bd2b7f4317287cf6b6ce3daf536f52096296233639182074370dbff6f989e6e820849e91bd226e3abaf5f3363b275007d7d7f0050234a86cce1bd516f298ae9e3df142c12a0ac23032636d05c4ddcf86352be3d7ffb12685f7cdb25d202df9dfe804de4f5df6cb1d03fb5dd925c1b1aea0803edc028e381f569b60654be3caf3a8ab8717aa8ff0626b5a0b9c97034b437e12cc5867cdb9aeed61adb4426a6aee4f209e7e4e940030a3994fd08c2ffa9fe25da866bcd8e80780c39b931d60d77386eec8b42401996c89419abb1fe174cd731f0e75c949561dbb3e1609c108ada047f72475400a556877cfd33827405e453d226abc19bee8d4f4d58c0ac960adc3dab8fa5ee926e901e06770c69a9c02747624f51b4bb9e287ace8fea134f4b1a76f418887cda4f1a5f878449c49a9bd3ecaee2430dc404b1a603e1554aff6e3083c73637c19f77e573f2a8dbe728193868c4ad82498916f1d0e9d21951a4f75fc9a7562458d7d851fe48ef5ddef0496ccef558ea63812b8034bbeb79c0b
#TRUST-RSA-SHA256 062f71a96307b9e4f2c849afa10c88d0267b424475dad4d5a512819257d57be3cf1abcf47dd8bb9aed47f0761f66661b2a34d2b75fb1d5f6b78bc790cc73278476d982c9f86ffe03a3ffb18ee7a02968aa34f2c5f94377c9e9182b7b145f672e8f44c9f24a72bdb7c686effdc10436cf206aab2ee1370406f29e7e1f19153d857a50cf3c3ffb98cb49bb486a8348ad55fe5775a4e28c7ca9da59f7da6fb69679f31d7c26ad27d708b47881e8a51bccb774857b7c1874cfe091cb35c0ecd3975872ebbc74ea8d2a554279fd8681595c714599750acc613275e80eb052652c97d844a783149f2c5550096093904a4bbaa16d4360e1ca91acc24b7b4b66f2603652c6954557ad78be7fd99cb0dd1a1a7b806a56decc9f13e6fde78f5eda681984b00a098d6dc99cc878860999ccd3dff8cc0c3f4f709ab31225d8a3098b8b75f3a1ca9a82b43d8874abbef3f4fec4d0e16d7a9e78b250df34422de8fe8c6f91448c80ad90a57ee9137ae5d914776466898d22179ff8c72df6f0c68581d60d0e9e0f7d9686f64f8d62a454d5304ffe6ad71c989a417f89cfe03a0a392a8e7f1154e7837977207f704dee152e33e6deec2f6de9a6873d7a14e7bf84b952a7f6320a259fd512aa968087a1fccb865fb52f80fde1c501759506788fac05aefe73ac6504f050d3bdfc1df5b2a416d46401abc7efda1e5697fd98ea633695be935ccc2c66
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(73829);
script_version("1.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/03");
script_cve_id("CVE-2014-2131");
script_bugtraq_id(66515);
script_xref(name:"CISCO-BUG-ID", value:"CSCug41049");
script_xref(name:"CISCO-BUG-ID", value:"CSCue61890");
script_name(english:"Cisco IOS XE VSS / BDF Traffic DoS (CSCug41049 / CSCue61890)");
script_summary(english:"Checks the IOS XE version.");
script_set_attribute(attribute:"synopsis", value:
"The remote device is affected by a denial of service vulnerability.");
script_set_attribute(attribute:"description", value:
"The remote Cisco device is affected by a denial of service
vulnerability in its packet driver code when handling Virtual
Switching Systems (VSS) or Bidirectional Forwarding Detection (BFD)
traffic. An unauthenticated, adjacent attacker can exploit this to
cause a device reload.
Note that this issue only affects Cisco Catalyst 4000 Series switches.");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=33558");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs
CSCug41049 and CSCue61890.");
script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/03/28");
script_set_attribute(attribute:"patch_publication_date", value:"2014/03/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/02");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_xe_version.nasl");
script_require_keys("Host/Cisco/IOS-XE/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
version = get_kb_item_or_exit("Host/Cisco/IOS-XE/Version");
flag=0;
model = get_kb_item_or_exit("Host/Cisco/IOS-XE/Model");
if (model !~ "Catalyst 4[0-9][0-9][0-9]($|[^0-9])") audit(AUDIT_HOST_NOT, "affected");
if (version == '3.0.2.1') flag++;
override = FALSE;
cmds = make_list();
if (get_kb_item("Host/local_checks_enabled") && flag)
{
flag = 0;
# Look for BFD
buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
if (check_cisco_result(buf))
{
if (preg(string:buf, pattern:"bfd\s+interval\s+\d+\s+min_rx\s+\d+\s+multiplier\s+\d", multiline:TRUE))
{
flag = 1;
cmds = make_list('show running-config');
}
}
else if (cisco_needs_enable(buf)) { flag = 1; override = TRUE; }
# Look for VSS
buf = cisco_command_kb_item("Host/Cisco/Config/show_mod", "show mod");
if (check_cisco_result(buf))
{
if (preg(string:buf, pattern:"Switch Number:\s+\d+\s+Role:\s+Virtual Switch Active", multiline:TRUE))
{
flag = 1;
override = FALSE;
cmds = make_list(cmds, 'show mod');
}
}
else if (cisco_needs_enable(buf)) { flag = 1; override = TRUE; }
if (!flag && !override) audit(AUDIT_OS_CONF_NOT_VULN, "Cisco IOS XE", version);
}
if (flag || override)
{
security_report_cisco(
port : 0,
severity : SECURITY_WARNING,
override : override,
version : version,
bug_id : "CSCug41049, CSCue61890",
cmds : cmds
);
}
else audit(AUDIT_HOST_NOT, "affected");
Related
seebug
seebug
Cisco IOS SoftwareθΏη¨ζη»ζε‘ζΌζ΄
2014-04-01 00:00:00
nessus
nessus
prion
prion
Code injection
2014-03-29 01:55:00
cvelist
cvelist
CVE-2014-2131
2014-03-29 01:00:00
cisco
cisco
Cisco IOS Software High Priority Queue Denial of Service Vulnerability
2014-03-31 20:22:17
cve
cve
CVE-2014-2131
2014-03-29 01:55:07
nvd
nvd
CVE-2014-2131
2014-03-29 01:55:07
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
7 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.6%
Related for CISCO-SN-CVE-2014-2131-IOSXE.NASL