Vulnerability in Cisco IOS and IOS XE Software IKEv1 Fragmentation Code
Reporter | Title | Published | Views | Family All 11 |
---|---|---|---|---|
Cvelist | CVE-2016-6381 | 5 Oct 201617:00 | – | cvelist |
OpenVAS | Cisco IOS Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability | 29 Sep 201600:00 | – | openvas |
OpenVAS | Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability | 29 Sep 201600:00 | – | openvas |
Tenable Nessus | Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1) | 14 Nov 201600:00 | – | nessus |
Tenable Nessus | Cisco IOS XE IKEv1 Fragmentation DoS (cisco-sa-20160928-ikev1) | 14 Nov 201600:00 | – | nessus |
Prion | Design/Logic Flaw | 5 Oct 201617:59 | – | prion |
NVD | CVE-2016-6381 | 5 Oct 201617:59 | – | nvd |
Cisco | Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability | 28 Sep 201616:00 | – | cisco |
CVE | CVE-2016-6381 | 5 Oct 201617:59 | – | cve |
ThreatPost | Cisco Warns of Critical Flaw in Email Security Appliances | 29 Sep 201612:21 | – | threatpost |
Source | Link |
---|---|
nessus | www.nessus.org/u |
nessus | www.nessus.org/u |
nessus | www.nessus.org/u |
cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501814);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/16");
script_cve_id("CVE-2016-6381");
script_name(english:"Rockwell Automation Stratix Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service (CVE-2016-6381)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation
code of Cisco IOS and IOS XE Software could allow an unauthenticated,
remote attacker to cause an exhaustion of available memory or a reload
of the affected system.
The vulnerability is due to the improper handling of crafted,
fragmented IKEv1 packets. An attacker could exploit this vulnerability
by sending crafted UDP packets to the affected system.
An exploit could allow the attacker to cause a reload of the affected system.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
# https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?58928e5a");
# https://www.rockwellautomation.com/en-us/support/advisory.PN965.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?141f2981");
# https://www.cisa.gov/news-events/ics-advisories/icsa-17-094-04
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c7bf8ef2");
script_set_attribute(attribute:"solution", value:
"Rockwell Automation has provided a new firmware version,
Version 15.6.3, to mitigate these vulnerabilities.
See Rockwell Automation's security advisory for more information.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-6381");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(755);
script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/05");
script_set_attribute(attribute:"patch_publication_date", value:"2016/10/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/15");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/h:rockwellautomation:allen-bradley_stratix_5900_industrial_managed_ethernet_switch");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Rockwell");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Rockwell');
var asset = tenable_ot::assets::get(vendor:'Rockwell');
var vuln_cpes = {
"cpe:/h:rockwellautomation:allen-bradley_stratix_5900_industrial_managed_ethernet_switch" :
{"versionEndExcluding" : "15.6.3", "family" : "Stratix"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo