CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
52.6%
The remote Cisco device is potentially affected by errors in the handling of Virtual Switching Systems (VSS) or Bidirectional Forwarding Detection (BFD) traffic that could allow denial of service attacks.
#TRUSTED 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
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
# Plugin registration: when the engine loads the script with 'description'
# set, only the metadata below is declared and the script exits before any
# check logic runs.
if (description)
{
  # Identity and revision.
  script_id(73828);
  script_version("1.11");
  script_cvs_date("Date: 2019/11/26");

  # Advisory cross-references.
  script_cve_id("CVE-2014-2131");
  script_bugtraq_id(66515);
  script_xref(name:"CISCO-BUG-ID", value:"CSCug41049");
  script_xref(name:"CISCO-BUG-ID", value:"CSCue61890");

  script_name(english:"Cisco Catalyst 4000 Series Switch Denial of Service Vulnerability (CSCug41049 / CSCue61890)");
  script_summary(english:"Checks the IOS version.");

  # Report text. The continuation lines of the multi-line strings stay at
  # column 0 because leading whitespace would become part of the string.
  script_set_attribute(attribute:"synopsis", value:
"The remote device is running a vulnerable IOS version.");
  script_set_attribute(attribute:"description", value:
"The remote Cisco device potentially contains an issue which is
potentially affected by errors related to handling Virtual Switching
Systems (VSS) or Bidirectional Forwarding Detection (BFD) traffic that
could allow denial of service attacks.");
  # https://tools.cisco.com/security/center/viewAlert.x?alertId=33558
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e566a186");
  script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=33558");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs
CSCug41049 and CSCue61890.");

  # Scoring: adjacent-network, unauthenticated, availability-only impact.
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2131");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # Timeline.
  script_set_attribute(attribute:"vuln_publication_date", value:"2014/03/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/03/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/02");

  # Classification: a local (version/config based) check against Cisco IOS.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");
  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Depends on the IOS version collector and on the two KB keys it is
  # expected to populate.
  script_dependencies("cisco_ios_version.nasl");
  script_require_keys("Host/Cisco/IOS/Version", "Host/Cisco/IOS/Model");
  exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
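# Detection logic for CVE-2014-2131 (CSCug41049 / CSCue61890).
#
# 1. Match the installed IOS release against the releases listed per bug ID.
# 2. Require a Catalyst 4xxx model.
# 3. When local checks are enabled, report only if BFD or VSS is seen in the
#    device output, or if that output could not be read for lack of enable
#    privileges (in which case the report carries the caveat).

# Installed IOS release from the knowledge base; the script exits if absent.
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");

# flag1 tracks CSCug41049, flag2 tracks CSCue61890.
flag1 = 0;
flag2 = 0;

# CSCug41049
if ( version == '15.2(1)IPI2' ) flag1++;
if ( version == '15.2(1)E' ) flag1++;

# CSCue61890
if ( version == '15.2(1)IPI2' ) flag2++;

# check model: prefer the "CISCO/model" key, fall back to the IOS model key.
model = get_kb_item("CISCO/model");
if (model)
{
  # NOTE(review): the pattern is unanchored on the right, so a model string
  # with more than three digits after the leading 4 also matches - confirm
  # that is acceptable.
  if (model !~ "catalyst4[0-9][0-9][0-9]") audit(AUDIT_HOST_NOT, "affected");
}
else
{
  model = get_kb_item_or_exit("Host/Cisco/IOS/Model");
  # A standalone four-digit number starting with 4.
  if (model !~ "(^|[^0-9])4[0-9][0-9][0-9]($|[^0-9])") audit(AUDIT_HOST_NOT, "affected");
}

# Bug ID text for the report, fixed by the version match alone. It is left
# unset when no release matched, in which case no report is produced below.
if (flag1 && flag2)
  fix = 'CSCug41049 and CSCue61890';
else if (flag1 && !flag2)
  fix = 'CSCug41049';
else if (!flag1 && flag2)
  fix = 'CSCue61890';

override = FALSE;

if (get_kb_item("Host/local_checks_enabled"))
{
  if (flag1 || flag2)
  {
    # The version matched; from here the configuration decides. Start from
    # "not affected" and re-flag on evidence.
    flag1 = 0;
    flag2 = 0;

    # confirmed:  BFD or VSS was positively identified in command output.
    # unverified: a command needed enable privileges, so that feature could
    #             not be ruled out.
    confirmed = FALSE;
    unverified = FALSE;

    # Look for BFD
    buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
    if (check_cisco_result(buf))
    {
      if (preg(string:buf, pattern:"bfd\s+interval\s+\d+\s+min_rx\s+\d+\s+multiplier\s+\d", multiline:TRUE)) confirmed = TRUE;
    }
    else if (cisco_needs_enable(buf)) unverified = TRUE;

    # Look for VSS
    buf2 = cisco_command_kb_item("Host/Cisco/Config/show_mod", "show mod");
    if (check_cisco_result(buf2))
    {
      if (preg(string:buf2, pattern:"Switch Number:\s+\d+\s+Role:\s+Virtual Switch Active", multiline:TRUE)) confirmed = TRUE;
    }
    else if (cisco_needs_enable(buf2)) unverified = TRUE;

    if (confirmed || unverified)
    {
      flag1 = 1;
      flag2 = 1;
    }

    # Attach the caveat only when nothing was positively confirmed. The
    # previous code let the VSS branch set override after BFD had already
    # been confirmed, so a confirmed finding could be reported as
    # unverified depending on the order of the checks.
    # NOTE(review): cisco_caveat() presumably appends an "unable to verify
    # configuration" note when override is TRUE - confirm in cisco_func.inc.
    if (unverified && !confirmed) override = TRUE;

    # NOTE(review): if a command's output is neither usable nor an
    # enable-required error (for example, the command could not be run),
    # that check contributes nothing; when both end up that way, a release
    # that matched above is audited as not affected. Confirm that this is
    # the intended handling of missing output.
  }
}

if (flag1 || flag2)
{
  report =
    '\n Cisco Bug ID : ' + fix +
    '\n Installed release : ' + version + '\n';
  security_warning(port:0, extra:report + cisco_caveat(override));
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");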