Cisco IOS Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability. A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS Software could allow an unauthenticated, remote attacker to exhaust available memory or cause a reload of the affected system.
Reporter | Title | Published | Views | Family All 11 |
---|---|---|---|---|
Cvelist | CVE-2016-6381 | 5 Oct 201617:00 | – | cvelist |
Tenable Nessus | Rockwell Automation Stratix Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service (CVE-2016-6381) | 15 Nov 202300:00 | – | nessus |
Tenable Nessus | Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1) | 14 Nov 201600:00 | – | nessus |
Tenable Nessus | Cisco IOS XE IKEv1 Fragmentation DoS (cisco-sa-20160928-ikev1) | 14 Nov 201600:00 | – | nessus |
Prion | Design/Logic Flaw | 5 Oct 201617:59 | – | prion |
NVD | CVE-2016-6381 | 5 Oct 201617:59 | – | nvd |
Cisco | Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability | 28 Sep 201616:00 | – | cisco |
CVE | CVE-2016-6381 | 5 Oct 201617:59 | – | cve |
OpenVAS | Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability | 29 Sep 201600:00 | – | openvas |
ThreatPost | Cisco Warns of Critical Flaw in Email Security Appliances | 29 Sep 201612:21 | – | threatpost |
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
# CPE identifier for the product this check applies to (Cisco IOS). It is
# passed to get_app_version() further down to look up the detected release.
CPE = "cpe:/o:cisco:ios";
# Metadata registration. When the scanner loads the script with `description`
# set, only this block runs: it registers the tags below and leaves through
# exit(0) before any of the detection logic is reached.
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.106307");
script_cve_id("CVE-2016-6381");
# CVSS v2 base score and vector. The vector rates availability impact as
# complete (A:C) with no confidentiality or integrity impact.
script_tag(name:"cvss_base", value:"7.1");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_version("2023-07-21T05:05:22+0000");
script_name("Cisco IOS Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability");
# NOTE(review): the advisory link uses the plain http:// scheme.
script_xref(name:"URL", value:"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1");
# Detection is a release-string comparison only. Nothing in this script
# inspects the device configuration, so a finding means "affected release
# installed", not "IKEv1 is enabled or reachable" - confirm exposure and the
# fixed release against the vendor advisory when triaging.
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"solution", value:"See the referenced vendor advisory for a solution.");
# The summary names two outcomes: memory exhaustion or a reload.
script_tag(name:"summary", value:"A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation
code of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an exhaustion of available
memory or a reload of the affected system.");
script_tag(name:"insight", value:"The vulnerability is due to the improper handling of crafted, fragmented
IKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected
system.");
# NOTE(review): the impact text mentions only the reload, whereas the summary
# above also lists memory exhaustion.
script_tag(name:"impact", value:"An exploit could allow the attacker to cause a reload of the affected
system.");
# qod_type "package" marks this as a version-based result rather than an
# active probe of the flaw.
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"last_modification", value:"2023-07-21 05:05:22 +0000 (Fri, 21 Jul 2023)");
# CVSS v3.0 vector with its stated origin (NVD) and the date it was recorded.
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-09-29 12:12:00 +0000 (Tue, 29 Sep 2020)");
script_tag(name:"creation_date", value:"2016-09-29 15:08:49 +0700 (Thu, 29 Sep 2016)");
script_category(ACT_GATHER_INFO);
script_family("CISCO");
script_copyright("Copyright (C) 2016 Greenbone AG");
# The check depends on another script for the release string; presumably that
# script collects it over SSH (going by its file name) - verify in that file.
script_dependencies("gb_ssh_cisco_ios_get_version.nasl");
# The script is only scheduled when the knowledge-base key below is set,
# i.e. when a Cisco IOS version has already been detected on the host.
script_mandatory_keys("cisco_ios/version");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
# Fetch the detected release for the CPE declared at the top of the script.
# The assignment happens inside the condition; when no version is available
# the script ends quietly with exit( 0 ) and reports nothing.
if( ! version = get_app_version( cpe:CPE ) ) exit( 0 );
# Release strings treated as affected. The loop after this list compares the
# detected version against each entry with `==`, so only an exact match is
# reported; the order of the entries does not influence the result.
# NOTE(review): this is a static list - presumably taken from the vendor
# advisory referenced in script_xref. A release that is missing here (for
# example one published after the list was compiled) yields "not affected",
# so check such releases against the advisory by hand.
affected = make_list(
'12.4(22)GC1',
'12.4(24)GC1',
'12.4(24)GC3',
'12.4(24)GC3a',
'12.4(24)GC4',
'12.4(24)GC5',
'12.4(22)MD',
'12.4(22)MD1',
'12.4(22)MD2',
'12.4(24)MD',
'12.4(24)MD1',
'12.4(24)MD2',
'12.4(24)MD3',
'12.4(24)MD4',
'12.4(24)MD5',
'12.4(24)MD6',
'12.4(24)MD7',
'12.4(22)MDA',
'12.4(22)MDA1',
'12.4(22)MDA2',
'12.4(22)MDA3',
'12.4(22)MDA4',
'12.4(22)MDA5',
'12.4(22)MDA6',
'12.4(24)MDA1',
'12.4(24)MDA10',
'12.4(24)MDA11',
'12.4(24)MDA12',
'12.4(24)MDA13',
'12.4(24)MDA2',
'12.4(24)MDA3',
'12.4(24)MDA4',
'12.4(24)MDA5',
'12.4(24)MDA6',
'12.4(24)MDA7',
'12.4(24)MDA8',
'12.4(24)MDA9',
'12.4(24)MDB',
'12.4(24)MDB1',
'12.4(24)MDB10',
'12.4(24)MDB11',
'12.4(24)MDB12',
'12.4(24)MDB13',
'12.4(24)MDB14',
'12.4(24)MDB15',
'12.4(24)MDB16',
'12.4(24)MDB17',
'12.4(24)MDB18',
'12.4(24)MDB19',
'12.4(24)MDB3',
'12.4(24)MDB4',
'12.4(24)MDB5',
'12.4(24)MDB5a',
'12.4(24)MDB6',
'12.4(24)MDB7',
'12.4(24)MDB8',
'12.4(24)MDB9',
'12.4(20)MR',
'12.4(20)MR2',
'12.4(20)MRB',
'12.4(20)MRB1',
'12.4(15)T10',
'12.4(15)T11',
'12.4(15)T12',
'12.4(15)T13',
'12.4(15)T14',
'12.4(15)T15',
'12.4(15)T16',
'12.4(15)T17',
'12.4(15)T7',
'12.4(15)T8',
'12.4(15)T9',
'12.4(20)T1',
'12.4(20)T2',
'12.4(20)T3',
'12.4(20)T4',
'12.4(20)T5',
'12.4(20)T6',
'12.4(22)T',
'12.4(22)T1',
'12.4(22)T2',
'12.4(22)T3',
'12.4(22)T4',
'12.4(22)T5',
'12.4(24)T',
'12.4(24)T1',
'12.4(24)T2',
'12.4(24)T3',
'12.4(24)T3e',
'12.4(24)T3f',
'12.4(24)T4',
'12.4(24)T4a',
'12.4(24)T4b',
'12.4(24)T4c',
'12.4(24)T4d',
'12.4(24)T4e',
'12.4(24)T4f',
'12.4(24)T4l',
'12.4(24)T5',
'12.4(24)T6',
'12.4(24)T7',
'12.4(24)T8',
'12.4(15)XL4',
'12.4(15)XL5',
'12.4(22)XR1',
'12.4(22)XR10',
'12.4(22)XR11',
'12.4(22)XR12',
'12.4(22)XR2',
'12.4(22)XR3',
'12.4(22)XR4',
'12.4(22)XR5',
'12.4(22)XR6',
'12.4(22)XR7',
'12.4(22)XR8',
'12.4(22)XR9',
'12.4(22)YB',
'12.4(22)YB1',
'12.4(22)YB2',
'12.4(22)YB3',
'12.4(22)YB4',
'12.4(22)YB5',
'12.4(22)YB6',
'12.4(22)YB7',
'12.4(22)YB8',
'12.4(22)YD',
'12.4(22)YD1',
'12.4(22)YD2',
'12.4(22)YD3',
'12.4(22)YD4',
'12.4(22)YE',
'12.4(22)YE1',
'12.4(22)YE2',
'12.4(22)YE3',
'12.4(22)YE4',
'12.4(22)YE5',
'12.4(22)YE6',
'12.4(24)YE',
'12.4(24)YE1',
'12.4(24)YE2',
'12.4(24)YE3',
'12.4(24)YE3a',
'12.4(24)YE3b',
'12.4(24)YE3c',
'12.4(24)YE3d',
'12.4(24)YE3e',
'12.4(24)YE4',
'12.4(24)YE5',
'12.4(24)YE6',
'12.4(24)YE7',
'12.4(24)YG1',
'12.4(24)YG2',
'12.4(24)YG3',
'12.4(24)YG4',
'15.0(2)EB',
'15.0(2)EC',
'15.0(2)ED',
'15.0(2)ED1',
'15.0(2)EH',
'15.0(2)EJ',
'15.0(2)EJ1',
'15.0(2)EK',
'15.0(2)EK1',
'15.0(2)EX',
'15.0(2)EX1',
'15.0(2)EX10',
'15.0(2)EX2',
'15.0(2)EX3',
'15.0(2)EX4',
'15.0(2)EX5',
'15.0(2)EX8',
'15.0(2a)EX5',
'15.0(2)EY',
'15.0(2)EY1',
'15.0(2)EY2',
'15.0(2)EY3',
'15.0(2)EZ',
'15.0(1)M',
'15.0(1)M1',
'15.0(1)M10',
'15.0(1)M2',
'15.0(1)M3',
'15.0(1)M4',
'15.0(1)M5',
'15.0(1)M6',
'15.0(1)M7',
'15.0(1)M8',
'15.0(1)M9',
'15.0(1)MR',
'15.0(2)MR',
'15.0(1)S',
'15.0(1)S1',
'15.0(1)S2',
'15.0(1)S3a',
'15.0(1)S4',
'15.0(1)S4a',
'15.0(1)S5',
'15.0(1)S6',
'15.0(2)SE',
'15.0(2)SE1',
'15.0(2)SE2',
'15.0(2)SE3',
'15.0(2)SE4',
'15.0(2)SE5',
'15.0(2)SE6',
'15.0(2)SE7',
'15.0(2)SE9',
'15.0(2a)SE9',
'15.0(1)XA',
'15.0(1)XA1',
'15.0(1)XA2',
'15.0(1)XA3',
'15.0(1)XA4',
'15.0(1)XA5',
'15.1(2)EY',
'15.1(2)EY1a',
'15.1(2)EY2',
'15.1(2)EY2a',
'15.1(2)EY3',
'15.1(2)EY4',
'15.1(2)GC',
'15.1(2)GC1',
'15.1(2)GC2',
'15.1(4)GC',
'15.1(4)GC1',
'15.1(4)GC2',
'15.1(4)M',
'15.1(4)M1',
'15.1(4)M10',
'15.1(4)M12a',
'15.1(4)M2',
'15.1(4)M3',
'15.1(4)M3a',
'15.1(4)M4',
'15.1(4)M5',
'15.1(4)M6',
'15.1(4)M7',
'15.1(4)M8',
'15.1(4)M9',
'15.1(1)MR',
'15.1(1)MR1',
'15.1(1)MR2',
'15.1(1)MR3',
'15.1(1)MR4',
'15.1(3)MR',
'15.1(3)MRA',
'15.1(3)MRA1',
'15.1(3)MRA2',
'15.1(3)MRA3',
'15.1(3)MRA4',
'15.1(1)S',
'15.1(1)S1',
'15.1(1)S2',
'15.1(2)S',
'15.1(2)S1',
'15.1(2)S2',
'15.1(3)S',
'15.1(3)S0a',
'15.1(3)S1',
'15.1(3)S2',
'15.1(3)S3',
'15.1(3)S4',
'15.1(3)S5',
'15.1(3)S5a',
'15.1(3)S6',
'15.1(1)SG',
'15.1(1)SG1',
'15.1(1)SG2',
'15.1(2)SG',
'15.1(2)SG1',
'15.1(2)SG2',
'15.1(2)SG3',
'15.1(2)SG4',
'15.1(2)SG5',
'15.1(2)SG6',
'15.1(2)SG7',
'15.1(2)SNG',
'15.1(2)SNH',
'15.1(2)SNI',
'15.1(2)SNI1',
'15.1(3)SVB1',
'15.1(3)SVD',
'15.1(3)SVD1',
'15.1(3)SVD2',
'15.1(3)SVE',
'15.1(3)SVF',
'15.1(3)SVF1',
'15.1(3)SVF4a',
'15.1(1)SY',
'15.1(1)SY1',
'15.1(1)SY2',
'15.1(1)SY3',
'15.1(1)SY4',
'15.1(1)SY5',
'15.1(1)SY6',
'15.1(2)SY',
'15.1(2)SY1',
'15.1(2)SY2',
'15.1(2)SY3',
'15.1(2)SY4',
'15.1(2)SY4a',
'15.1(2)SY5',
'15.1(2)SY6',
'15.1(2)SY7',
'15.1(1)T',
'15.1(1)T1',
'15.1(1)T2',
'15.1(1)T3',
'15.1(1)T4',
'15.1(1)T5',
'15.1(2)T',
'15.1(2)T0a',
'15.1(2)T1',
'15.1(2)T2',
'15.1(2)T2a',
'15.1(2)T3',
'15.1(2)T4',
'15.1(2)T5',
'15.1(3)T',
'15.1(3)T1',
'15.1(3)T2',
'15.1(3)T3',
'15.1(3)T4',
'15.1(1)XB',
'15.2(1)E',
'15.2(1)E1',
'15.2(1)E2',
'15.2(1)E3',
'15.2(2)E',
'15.2(2)E1',
'15.2(2)E2',
'15.2(2)E4',
'15.2(2a)E1',
'15.2(3)E',
'15.2(3)E1',
'15.2(3)E2',
'15.2(3)E3',
'15.2(3a)E',
'15.2(3m)E2',
'15.2(3m)E3',
'15.2(3m)E8',
'15.2(4)E',
'15.2(4)E1',
'15.2(4m)E1',
'15.2(2)EB',
'15.2(2)EB1',
'15.2(2)EB2',
'15.2(1)EY',
'15.2(1)GC',
'15.2(1)GC1',
'15.2(1)GC2',
'15.2(2)GC',
'15.2(3)GC',
'15.2(3)GC1',
'15.2(4)GC',
'15.2(4)GC1',
'15.2(4)GC2',
'15.2(4)GC3',
'15.2(2)JA',
'15.2(2)JA1',
'15.2(4)JA',
'15.2(4)JA1',
'15.2(2)JAX',
'15.2(2)JAX1',
'15.2(2)JB',
'15.2(2)JB2',
'15.2(2)JB3',
'15.2(2)JB4',
'15.2(2)JB5',
'15.2(4)JB',
'15.2(4)JB1',
'15.2(4)JB2',
'15.2(4)JB3',
'15.2(4)JB3a',
'15.2(4)JB3b',
'15.2(4)JB3h',
'15.2(4)JB3s',
'15.2(4)JB4',
'15.2(4)JB5',
'15.2(4)JB5h',
'15.2(4)JB5m',
'15.2(4)JB50',
'15.2(4)JB6',
'15.2(4)JB7',
'15.2(2)JN1',
'15.2(2)JN2',
'15.2(4)JN',
'15.2(4)M',
'15.2(4)M1',
'15.2(4)M10',
'15.2(4)M11',
'15.2(4)M2',
'15.2(4)M3',
'15.2(4)M4',
'15.2(4)M5',
'15.2(4)M6',
'15.2(4)M6a',
'15.2(4)M7',
'15.2(4)M8',
'15.2(4)M9',
'15.2(1)S',
'15.2(1)S1',
'15.2(1)S2',
'15.2(2)S',
'15.2(2)S0a',
'15.2(2)S0c',
'15.2(2)S1',
'15.2(2)S2',
'15.2(4)S',
'15.2(4)S1',
'15.2(4)S2',
'15.2(4)S3',
'15.2(4)S3a',
'15.2(4)S4',
'15.2(4)S4a',
'15.2(4)S5',
'15.2(4)S6',
'15.2(4)S7',
'15.2(2)SNG',
'15.2(2)SNH1',
'15.2(2)SNI',
'15.2(1)SY',
'15.2(1)SY0a',
'15.2(1)SY1',
'15.2(1)SY1a',
'15.2(1)SY2',
'15.2(2)SY',
'15.2(2)SY1',
'15.2(1)T',
'15.2(1)T1',
'15.2(1)T2',
'15.2(1)T3',
'15.2(1)T3a',
'15.2(1)T4',
'15.2(2)T',
'15.2(2)T1',
'15.2(2)T2',
'15.2(2)T3',
'15.2(2)T4',
'15.2(3)T',
'15.2(3)T1',
'15.2(3)T2',
'15.2(3)T3',
'15.2(3)T4',
'15.3(3)JA',
'15.3(3)JA1',
'15.3(3)JA1m',
'15.3(3)JA1n',
'15.3(3)JA4',
'15.3(3)JA5',
'15.3(3)JA6',
'15.3(3)JA7',
'15.3(3)JA77',
'15.3(3)JA8',
'15.3(3)JA9',
'15.3(3)JAA',
'15.3(3)JAB',
'15.3(3)JAX',
'15.3(3)JAX1',
'15.3(3)JAX2',
'15.3(3)JB',
'15.3(3)JB75',
'15.3(3)JBB',
'15.3(3)JBB1',
'15.3(3)JBB2',
'15.3(3)JBB4',
'15.3(3)JBB5',
'15.3(3)JBB50',
'15.3(3)JBB6',
'15.3(3)JBB6a',
'15.3(3)JBB8',
'15.3(3)JC',
'15.3(3)JN3',
'15.3(3)JN4',
'15.3(3)JN7',
'15.3(3)JN8',
'15.3(3)JNB',
'15.3(3)JNB1',
'15.3(3)JNB2',
'15.3(3)JNB3',
'15.3(3)JNC',
'15.3(3)JNC1',
'15.3(3)JNP',
'15.3(3)JNP1',
'15.3(3)M',
'15.3(3)M1',
'15.3(3)M2',
'15.3(3)M3',
'15.3(3)M4',
'15.3(3)M5',
'15.3(3)M6',
'15.3(3)M7',
'15.3(1)S',
'15.3(1)S1',
'15.3(1)S2',
'15.3(2)S',
'15.3(2)S0a',
'15.3(2)S1',
'15.3(2)S2',
'15.3(3)S',
'15.3(3)S1',
'15.3(3)S1a',
'15.3(3)S2',
'15.3(3)S3',
'15.3(3)S4',
'15.3(3)S5',
'15.3(3)S6',
'15.3(3)S7',
'15.3(1)SY',
'15.3(1)T',
'15.3(1)T1',
'15.3(1)T2',
'15.3(1)T3',
'15.3(1)T4',
'15.3(2)T',
'15.3(2)T1',
'15.3(2)T2',
'15.3(2)T3',
'15.3(2)T4',
'15.4(1)CG',
'15.4(1)CG1',
'15.4(2)CG',
'15.4(3)M',
'15.4(3)M1',
'15.4(3)M2',
'15.4(3)M3',
'15.4(3)M4',
'15.4(3)M5',
'15.4(1)S',
'15.4(1)S1',
'15.4(1)S2',
'15.4(1)S3',
'15.4(1)S4',
'15.4(2)S',
'15.4(2)S1',
'15.4(2)S2',
'15.4(2)S3',
'15.4(2)S4',
'15.4(3)S',
'15.4(3)S1',
'15.4(3)S2',
'15.4(3)S3',
'15.4(3)S4',
'15.4(3)S5',
'15.4(1)T',
'15.4(1)T1',
'15.4(1)T2',
'15.4(1)T3',
'15.4(1)T4',
'15.4(2)T',
'15.4(2)T1',
'15.4(2)T2',
'15.4(2)T3',
'15.4(2)T4',
'15.5(3)M',
'15.5(3)M0a',
'15.5(3)M1',
'15.5(3)M2',
'15.5(1)S',
'15.5(1)S1',
'15.5(1)S2',
'15.5(1)S3',
'15.5(2)S',
'15.5(2)S1',
'15.5(2)S2',
'15.5(2)S3',
'15.5(3)S',
'15.5(3)S0a',
'15.5(3)S1',
'15.5(3)S1a',
'15.5(3)S2',
'15.5(3)SN',
'15.5(1)T4',
'15.5(2)T4',
'15.5(1)T',
'15.5(1)T1',
'15.5(1)T2',
'15.5(1)T3',
'15.5(2)T',
'15.5(2)T1',
'15.5(2)T2',
'15.5(2)T3',
'15.6(1)S',
'15.6(1)S1',
'15.6(2)S',
'15.6(2)SN',
'15.6(1)T',
'15.6(1)T0a',
'15.6(1)T1' );
# Walk the list of affected releases and report on the first exact match with
# the detected version. The comparison is plain string equality, so a version
# string that differs in any character from every entry is not reported.
foreach af ( affected )
{
  # Not this entry: move on to the next listed release.
  if( version != af )
    continue;

  # No single fixed release is named here; the report sends the reader to
  # the vendor advisory instead.
  report = report_fixed_ver( installed_version:version, fixed_version: "See advisory" );
  security_message( port:0, data:report );
  exit( 0 );
}

# No listed release matched. By convention, exit code 99 tells the scanner
# that the host was checked and is not considered affected.
exit( 99 );