CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
48.6%
The remote Cisco device is running a version of Cisco IOS XR software that is affected by multiple denial of service vulnerabilities related to the incorrect handling of malformed DHCPv6 packets.
#TRUSTED 6a83e31967a0df205f8696f865019de71cf2fbb8cdd1af5c640c6f9e82be957c852ffb2a6cf50b76170936123113a40b6566df4e77885d586f00fe99a8e7d87f91da748cf8636ce17e15efaf352780bbb7d7c6d85d42bc1e425a9985273de46c65a557e2cea54fc9915f4374f42e8f72377fe5042759b4861e7f52c7057cfa84c74aff7923f954939165c06c057e2cdf19794975503a63786817487bbe94100843fb9aa4661ef1320c1a180e0abfba9a7f99bcc59879ac695e1b4d893b81ffe4d8dfeda91acaea9dcdf60cbc47fcea06f2723f37e3eec0a5331170b6ec119f64586aa372b9857f088c50990717d8c540e9e6caf3e55da32d40ff318131c71914aa97aafe648b9ca2461382b2860367bbf417daace96eed22af6f34a3092902026483a616fc6c5681ba597614a4131055e57a0faf66aa444d0aa611d8fe4a6fbd487b2dcc978100a7b5ee9e95cdb75b9f4babe822a975c8c71ad57b7c998bed528114b76d0851b0c5aeb7cebf49e35bf83fdbc60eb3bb6a792b558b58382b05861c27703ef4fe1c5354fcc05ac51e58a8451b99449bcf221ff20e150f011837dd39b02581689a0989aec5d8631af3c75923d0a7ed4f534dd835833c66ef7ef61a611903eef961d87f9db5314fc5088a8fc4c563d2fd65e1b53f99fab67ad1294f1d22f1b6cbe7bbad7d88031d2aa8bf1d157fbc72fe81f06ff09728d9a0afe197
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(76971);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/04/08");
script_cve_id("CVE-2014-3270", "CVE-2014-3271");
script_bugtraq_id(67488, 67492);
script_xref(name:"CISCO-BUG-ID", value:"CSCul80924");
script_xref(name:"CISCO-BUG-ID", value:"CSCum85558");
script_xref(name:"CISCO-BUG-ID", value:"CSCum20949");
script_xref(name:"CISCO-BUG-ID", value:"CSCul61849");
script_xref(name:"CISCO-BUG-ID", value:"CSCul71149");
script_name(english:"Cisco IOS XR DHCPv6 Multiple DoS Vulnerabilities");
script_summary(english:"Checks the IOS XR version.");
script_set_attribute(attribute:"synopsis", value:"The remote device is missing vendor-supplied security patches.");
script_set_attribute(attribute:"description", value:
"The remote Cisco device is running a version of Cisco IOS XR software
that is affected by multiple denial of service vulnerabilities related
to the incorrect handling of malformed DHCPv6 packets.");
# https://tools.cisco.com/security/center/viewAlert.x?alertId=34288
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8f36bfcf");
# https://tools.cisco.com/security/center/viewAlert.x?alertId=34289
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?637c559e");
script_set_attribute(attribute:"solution", value:
"Apply the relevant patches referenced in Cisco bug IDs CSCul80924,
CSCum85558, CSCum20949, CSCul61849, and CSCul71149.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3270");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/19");
script_set_attribute(attribute:"patch_publication_date", value:"2014/05/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/01");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xr");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
script_family(english:"CISCO");
script_dependencies("cisco_ios_xr_version.nasl");
script_require_keys("Host/Cisco/IOS-XR/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
flag = 0;
override = 0;
version = get_kb_item_or_exit("Host/Cisco/IOS-XR/Version");
if (version == '5.2.0') flag = 1;
port = get_kb_item("Host/Cisco/IOS-XR/Port");
if(empty_or_null(port))
port = 0;
# Check if DHCPv6 server is enabled
if (get_kb_item("Host/local_checks_enabled") && flag)
{
flag = 0;
buf = cisco_command_kb_item("Host/Cisco/Config/show_ipv6_dhcp_interface", "show ipv6 dhcp interface");
if (check_cisco_result(buf))
{
if ("server" >< buf) flag = 1;
}
else if (cisco_needs_enable(buf))
{
flag = 1;
override = 1;
}
}
if (flag)
{
if (report_verbosity > 0)
{
report =
'\n Cisco bug IDs : CSCul80924 / CSCum85558 / CSCum20949 / CSCul61849 / CSCul71149' +
'\n Installed release : ' + version +
'\n';
security_warning(port:port, extra:report + cisco_caveat(override));
}
else security_warning(port:port, extra:cisco_caveat(override));
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");