5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.007 Low
EPSS
Percentile
80.7%
A defect in Cisco IOS Software running on all models of Gigabit Switch Routers (GSRs) configured with Gigabit Ethernet or Fast Ethernet cards may cause packets to be forwarded without correctly evaluating configured access control lists (ACLs). In addition to circumventing the access control lists, it is possible to stop an interface from forwarding any packets, thus causing a denial of service.
This vulnerability is documented as Cisco bug ID CSCdp35794.
#
# (C) Tenable Network Security, Inc.
#
# Script audit and contributions from Carmichael Security
# Erik Anderson <[email protected]> (nb: domain no longer exists)
# Added BugtraqID and CVE
#
include("compat.inc");
if(description)
{
script_id(10975);
script_version("1.22");
script_cve_id("CVE-2000-0700");
script_bugtraq_id(1541);
script_name(english:"Cisco Gigabit Switch Routers (GSR) Line Card Failure ACL Bypas (CSCdp35794)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch." );
script_set_attribute(attribute:"description", value:
"A defect in Cisco IOS Software running on all models of Gigabit
Switch Routers (GSRs) configured with Gigabit Ethernet or Fast
Ethernet cards may cause packets to be forwarded without correctly
evaluating configured access control lists (ACLs). In addition to
circumventing the access control lists, it is possible to stop an
interface from forwarding any packets, thus causing a denial of
service.
This vulnerability is documented as Cisco bug ID CSCdp35794." );
script_set_attribute(attribute:"solution", value:
"http://www.nessus.org/u?23472f49" );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_publication_date", value: "2002/06/05");
script_cvs_date("Date: 2018/06/27 18:42:25");
script_set_attribute(attribute:"vuln_publication_date", value: "2000/08/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value: "cpe:/o:cisco:ios");
script_end_attributes();
script_summary(english:"Uses SNMP to determine if a flaw is present");
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is (C) 2002-2018 Tenable Network Security, Inc.");
script_family(english:"CISCO");
script_dependencie("snmp_sysDesc.nasl", "snmp_cisco_type.nasl");
script_require_keys("SNMP/community", "SNMP/sysDesc", "CISCO/model");
exit(0);
}
# The code starts here
ok=0;
os = get_kb_item("SNMP/sysDesc"); if(!os)exit(0);
hardware = get_kb_item("CISCO/model"); if(!hardware)exit(0);
# Check for the required hardware...
#----------------------------------------------------------------
# cisco12008
if(ereg(string:hardware, pattern:"^cisco12008$"))ok=1;
# cisco12012
if(ereg(string:hardware, pattern:"^cisco12012$"))ok=1;
# cisco12016
if(ereg(string:hardware, pattern:"^cisco12016$"))ok=1;
if(!ok)exit(0);
ok = 0;
# Check for the required operating system...
#----------------------------------------------------------------
# Is this IOS ?
if(!egrep(pattern:".*(Internetwork Operating|IOS).*", string:os))exit(0);
# 11.2GS
if(egrep(string:os, pattern:"(11\.2\(([0-9]|1[0-8])\)|11\.2)GS[0-9]*,"))ok=1;
# 12.0S
if(egrep(string:os, pattern:"(12\.0\([0-8]\)|12\.0)S[0-9]*,"))ok=1;
# 12.0SC
if(egrep(string:os, pattern:"(12\.0\([0-8]\)|12\.0)SC[0-9]*,"))ok=1;
#----------------------------------------------
if(ok)security_warning(port:161, proto:"udp");