Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is (C) 2012-2018 Tenable Network Security, Inc.CISCO-SR-20051220-EIGRP.NASL
HistoryJan 10, 2012 - 12:00 a.m.

Cisco EIGRP Multiple Vulnerabilities

2012-01-1000:00:00
This script is (C) 2012-2018 Tenable Network Security, Inc.
www.tenable.com
64
JSON

On December 20 2005, Cisco released a security response for several vulnerabilities in the EIGRP implementation in IOS. Exploitation of these vulnerabilities could result in a denial of service via ARP flooding. This plugin checks if the appropriate fix for the advisory has been installed.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(17788);
 script_version("1.7");
 script_cvs_date("Date: 2018/11/15 20:50:20");

 script_cve_id("CVE-2002-2208");
 script_bugtraq_id(6443);
 script_xref(name:"CISCO-BUG-ID", value:"CSCsc13698");
 script_xref(name:"CISCO-BUG-ID", value:"CSCsc13724");
 script_xref(name:"CISCO-SR", value:"cisco-sr-20051220-eigrp");

 script_name(english:"Cisco EIGRP Multiple Vulnerabilities");
 script_summary(english:"Checks the version of Cisco IOS.");

 script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
 script_set_attribute(attribute:"description", value:
"On December 20 2005, Cisco released a security response for several
vulnerabilities in the EIGRP implementation in IOS. Exploitation of
these vulnerabilities could result in a denial of service via ARP
flooding. This plugin checks if the appropriate fix for the advisory
has been installed.");
 # https://www.cisco.com/c/en/us/support/web/field-notice-overview.html
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?44e94cb9");
 # https://web.archive.org/web/20130103085342/http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1ceigrp.html
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?bac57393");
 # https://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?5ae6a14c");
 # http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801a1a55.shtml
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?1b8ae5b5");
 # https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfrpf.html
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?3b4c3b97");
 # https://web.archive.org/web/20120508050313/http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xa/gt_802_1.html
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?c51e38ab");
 # https://web.archive.org/web/20121103030857/http://www.cisco.com/en/US/docs/ios/12_3t/ip_route/command/reference/ip2_i1gt.html
 script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?576186d2");
 script_set_attribute(attribute:"solution", value:"Upgrade to 12.0(6.3)PI, 12.0(6.3)T, 12.0(6.3)XE1, 12.0(7)T or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"vuln_publication_date", value:"2002/12/19");
 script_set_attribute(attribute:"patch_publication_date", value:"2002/12/19");
 script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/10");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is (C) 2012-2018 Tenable Network Security, Inc.");
 script_family(english:"CISCO");

 script_dependencie("cisco_ios_version.nasl");
 script_require_keys("Host/Cisco/IOS/Version");
 exit(0);
}

include("cisco_func.inc");

version = get_kb_item_or_exit("Host/Cisco/IOS/Version");

# Affected: 12.0PI
if (check_release(version: version,
                  patched: make_list("12.0(6.3)PI") ))
{
  security_hole(port:0, extra:'\nUpdate to ' + patch_update + ' or later.\n'); 
  exit(0);
}
# Affected: 12.0T
if (check_release(version: version,
                  patched: make_list("12.0(6.3)T") ))
{
  security_hole(port:0, extra:'\nUpdate to ' + patch_update + ' or later.\n'); 
  exit(0);
}
# Affected: 12.0XE1
if (check_release(version: version,
                  patched: make_list("12.0(6.3)XE1") ))
{
  security_hole(port:0, extra:'\nUpdate to ' + patch_update + ' or later.\n'); 
  exit(0);
}
# Affected: 12.0T
if (check_release(version: version,
                  patched: make_list("12.0(7)T") ))
{
  security_hole(port:0, extra:'\nUpdate to ' + patch_update + ' or later.\n'); 
  exit(0);
}
exit(0, "The host is not affected.");
VendorProductVersionCPE
ciscoioscpe:/o:cisco:ios

Related

cve 1
cve
cve
CVE-2002-2208
2002-12-31 05:00:00
JSON
Related for CISCO-SR-20051220-EIGRP.NASL
cve1