Lucene search
This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-20090727-WLC.NASLHistorySep 25, 2013 - 12:00 a.m.
Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20090727-wlc)
2013-09-2500:00:00
This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.007
Percentile
80.0%
The remote Cisco Wireless LAN Controller (WLC) is affected by one or more of the following vulnerabilities:
-
Malformed HTTP or HTTPS authentication response Denial of Service (CVE-2009-1164)
-
SSH connections Denial of Service (CVE-2009-1165)
-
Crafted HTTP or HTTPS request Denial of Service (CVE-2009-1166)
-
Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability (CVE-2009-1167)
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(70123);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/08/20");
script_cve_id(
"CVE-2009-1164",
"CVE-2009-1165",
"CVE-2009-1166",
"CVE-2009-1167"
);
script_bugtraq_id(35805, 35817, 35818, 35819);
script_xref(name:"CISCO-BUG-ID", value:"CSXsx03715");
script_xref(name:"CISCO-BUG-ID", value:"CSCsw40789");
script_xref(name:"CISCO-BUG-ID", value:"CSCsy27708");
script_xref(name:"CISCO-BUG-ID", value:"CSCsy44672");
script_xref(name:"CISCO-SA", value:"cisco-sa-20090727-wlc");
script_name(english:"Multiple Vulnerabilities in Cisco Wireless LAN Controllers (cisco-sa-20090727-wlc)");
script_summary(english:"Checks the WLC version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security update."
);
script_set_attribute(
attribute:"description",
value:
"The remote Cisco Wireless LAN Controller (WLC) is affected by one or
more of the following vulnerabilities:
- Malformed HTTP or HTTPS authentication response Denial
of Service (CVE-2009-1164)
- SSH connections Denial of Service (CVE-2009-1165)
- Crafted HTTP or HTTPS request Denial of Service
(CVE-2009-1166)
- Crafted HTTP or HTTPS request unauthorized configuration
modification vulnerability (CVE-2009-1167)"
);
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090727-wlc
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8d7b9e59");
script_set_attribute(
attribute:"solution",
value:
"Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20090727-wlc."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(399);
script_set_attribute(attribute:"vuln_publication_date", value:"2009/07/27");
script_set_attribute(attribute:"patch_publication_date", value:"2009/07/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/25");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:wireless_lan_controller_software");
script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:wireless_lan_controller");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"CISCO");
script_dependencies("cisco_wlc_version.nasl");
script_require_keys("Host/Cisco/WLC/Version", "Host/Cisco/WLC/Port");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
version = get_kb_item_or_exit("Host/Cisco/WLC/Version");
model = get_kb_item_or_exit("Host/Cisco/WLC/Model");
port = get_kb_item_or_exit("Host/Cisco/WLC/Port");
if (
model !~ "15\d\d" &&
model !~ "20\d\d" &&
model !~ "21\d\d" &&
model !~ "41\d\d" &&
model !~ "42\d\d" &&
model !~ "44\d\d"
) audit(AUDIT_HOST_NOT, "affected");
fixed_version = "";
if (version =~ "^3\.2" && ver_compare(ver:version, fix:"3.2.215.0") == -1) fixed_version = "3.2.215.0";
else if (version =~ "^4\.1") fixed_version = "4.2 or later";
else if (version =~ "^4\.1.*M") fixed_version = "5.2, 6.0, or 4.2M";
else if (version =~ "^4\.2" && ver_compare(ver:version, fix:"4.2.205.0") == -1) fixed_version = "4.2.205.0";
else if (version =~ "^5\.0") fixed_version = "5.2 or 6.0";
else if (version =~ "^5\.1") fixed_version = "5.2 or 6.0";
else if (version =~ "^5\.2" && ver_compare(ver:version, fix:"5.2.191.0") == -1) fixed_version = "5.2.191.0";
else audit(AUDIT_HOST_NOT, "affected");
if (report_verbosity > 0)
{
report =
'\n Model : ' + model +
'\n Installed version : ' + version +
'\n Fixed version : ' + fixed_version +
'\n';
security_hole(port:port, extra:report);
}
else security_hole(port);
Related
securityvulns
securityvulns
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
2009-07-27 00:00:00
Cisco Wireless LAN Controllers multiple security vulnerabilities
2009-07-27 00:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco Wireless LAN Controllers
2009-07-27 16:00:00
checkpoint_advisories
checkpoint_advisories
cve
cve
cvelist
cvelist
prion
prion
Memory corruption
2009-07-29 17:30:00
Design/Logic Flaw
2009-07-29 17:30:00
Design/Logic Flaw
2009-07-29 17:30:00
nvd
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.007
Percentile
80.0%
Related for CISCO-SA-20090727-WLC.NASL