Cisco IOS SNMP DoS (CSCug65204)

2014-08-01T00:00:00
ID CISCO-SN-CVE-2014-3296-IOS.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
Modified 2014-08-01T00:00:00

Description

The remote Cisco device potentially contains an issue in the SNMP module which may allow remote authenticated users to cause a denial of service (device reload) via continuous SNMP polling requests.

                                        
                                            #TRUSTED 3b841dba05278b789f803028996c48390c696376b23dad23adc34528b9ae60f1ca81dfd642c574e8e87e4aa5304d6fcf7cffa20941ad1c44d90cebf8769f0e416ba2da9a32b436155f8fd9fb1da8c9f1a9a587bb40ffba7c7a90242d15d5884ae168da726d3d55294f90b7ee18b80c0437127d57db584c07feebd23b5061ddb4b8ede6886affa445e188d72a7e0a05353c25a47947e53898531ffc03d423da52bc754456a29c0243e715314e33454196ee34a37c5e553bb4715b09c1bec6ca752f1397731716426b783b5f88ce756800d8e42c4a78cd3db8347e802bae57930ded0d1f0cf93153486cf884e8632117939848fb27c4b2365763f1838638e3c101e3bdfbfb94035aeb16ffee871f52a81e1df4ff17cfe1f045bcf8bb75e91d56d64c53e9ecbf01c89fbf2f8c54b5acbd012d6230333d1dd0e2f6d7f2490cc08577b71a4ff2a0476f413ad737f0a13dcdf5627b593e67da8e344234758e77dcc5230f70d66e9e02bee8d5b6712b1cf9a9ebd806b360e183c2ac2592e4cc22e12b0f58881f09cd7dd1b3716d669250a1bdc0fbca4a29d0c9e60993a972bc55cacc3504daa5fe80460feed66c0518ff1d73d52ee07daaff3887ec16c616f0a5acf9ca70639796034c416cc6833e0c9c0b40ca328ec0c83a99e73a7083e456da339f862b0be8feff9d329d16c1eca1586c9d64339ee35d2ba78d6d4154f3d927a008f9
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(76968);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15");

  script_cve_id("CVE-2014-3269");
  script_bugtraq_id(67459);
  script_xref(name:"CISCO-BUG-ID", value:"CSCug65204");

  script_name(english:"Cisco IOS SNMP DoS (CSCug65204)");
  script_summary(english:"Checks the IOS version.");

  script_set_attribute(attribute:"synopsis", value:"The remote device is affected by a denial of service vulnerability.");
  script_set_attribute(attribute:"description", value:
"The remote Cisco device potentially contains an issue in the SNMP
module which may allow remote authenticated users to cause a denial of
service (device reload) via continuous SNMP polling requests.");
  # https://tools.cisco.com/security/center/viewAlert.x?alertId=34268
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?252ae070");
  script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=34268");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID
CSCug65204.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/05/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  script_dependencies("cisco_ios_version.nasl");
  script_require_keys("Host/Cisco/IOS/Version");

  exit(0);
}

include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");

flag = 0;
override = 0;

# According to CSCug65204, the follow releases are affected :
# 15.1(2)SG, 15.1(2.0), 15.2(1)E, and 15.1(1)SG
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
if (
  version == '15.1(2)SG' ||
  version == '15.1(2.0)' ||
  version == '15.2(1)E' ||
  version == '15.1(1)SG'
) flag++;

if (flag)
{
  flag = 0;

  # Check for SUP7E or SUP7L-E modules
  if (get_kb_item("Host/local_checks_enabled"))
  {
    buf = cisco_command_kb_item("Host/Cisco/Config/show_module", "show module");
    if (check_cisco_result(buf))
    {
      if (preg(pattern:"WS-X45-SUP7L?-E ", multiline:TRUE, string:buf)) flag++;
    }
    else if (cisco_needs_enable(buf))
    {
      flag++;
      override++;
    }
  }

  # Check for 4500-X model
  model = get_kb_item_or_exit("Host/Cisco/IOS/Model");
  if (model =~ "Catalyst 45[0-9][0-9]-X($|[^0-9])") flag++;
}

if (flag)
{
  if (report_verbosity > 0)
  {
    report =
    '\n  Cisco Bug ID      : CSCug65204' +
    '\n  Installed release : ' + version +
    '\n';
    security_warning(port:0, extra:report + cisco_caveat(override));
  }
  else security_warning(port:0, extra:cisco_caveat(override));
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");