CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
72.1%
The remote Cisco device is potentially affected by an issue related to the handling of certain parameters in Locator/ID Separation Protocol (LISP) control messages sent to the ingress tunnel router (ITR) component. A remote, unauthenticated attacker could exploit this issue by sending specially crafted LISP control messages to cause a denial of service.
#TRUSTED 325886ce1788bdc3c5d4240d8edfdc1301ee2231abe9377e90562cebebbbd94a85f6a04a230ec1d82520aa7d7fbee1d4056e81279e7dec021894e2a2ddf1b40f886a79f5cc032c5fa21509615f6c2000efc607be7a785d0c1c94cf1352c27948bfab75d632591e07a491334795b77408e3872fba98f634468fa221b58fc81d1cd1c516ca5b1c6b7648709e5b712336ed383f75d6ccd106a2c3581987b82a7e9ecf111c4ffbbd9c5e08384fdb19d0561313426faa9ebafa640358e7c7c99a9cb3ff7e71a61a67cffbe3347eb0354227ad33ff625284fa4f3164c7fc73f265254075e3e05a88ac33a9cc0cd1c3e8ddb3dcd2910b7740e5bf7563700c9e478d63fc808fc2fde9a7df62dcd396d26caa0dc876c9c773ea2815b11eead3f0854bef1cc9a4ac06d73f192ebd18d5bd353f9edb9caa936479b229d2777a29ba6a116f1b2f634a77e9b2fa95d379896c702b8b1c16bf79cb1884c984a1e4e635c388977aa8da93aa6bef3bfda44bcdc47933701703f4437b9463cee7e085cb1c3eac2bc1599043a6ad12e94ebb752fa23b1971ec5657a402f528f2042121d48fe835436840f8afe3c5ae2974f20041d55f74a056c30e6b7ce783eb9b82e328be8b0de7a563538c9ac04e7874ba14abe028babad8150d3a49fe287abd96da20de34a7ce9cdf837e270270fb2a256eb7bdcd3272e4affc7b3c7a3311733b0a7f4d1652e780
#TRUST-RSA-SHA256 8bd61d6985c519a0e3062433ae6c205569f76228bea9aa683a23e0255ba93ada99c04b4c1c318e0a0b41fe6144db3f462ffac409a03ba5b5a67ecd841d175c1dc7603cb267cd8827f77874e54c7cb53baf60650c2bfdf4718fb46161d1f85bcbc9860557497a8fbe7ddd4b33796586e3911f74df09a35f861d23dd680fd9e7184c6166b93ce46fe49e82db54a4690f14e2b2a802e87cc540bf8b5a0229f1fa7ac704eb2375e5e970629753316e6b77beb213211fbf9602e13cccad25a3baf57a053518ed43fac60fceaa9c262c2f92eaa84956c75e7244f0d68c3c7e7d839cd88c373c329e5fb91f98d4dc458c8f4db28e03bb2996bc9ff28fbca4892d9065cf3f23d178b93c4c50398916058445356ae884d7865932008aea8bc56ab11901c6ed669696e7e8a90994d62a169e437de5c21a6e0bf6c9fbafeeb6cbeb19ebee47d6fd13275466df38d360465c30e46982f1d36c68f47d99cd58a2b23cda44c66a034419d323f370cf3fe3d24ba5a9fd8832af1af2a3bd3ed235726fbddf7754c76e691dd2c5587f42972bd05347fc4f2616599484f7c415215fad687554c22a339ca94fa1db62d7fef9649633dcc018fc1fe2177de6128bd3e62c0f8ee7e78d8daa3734cdbd8c22b73cdcd22c5b6ac8a9dba7fe50d452100829c1474da22443cb040301373b0b1e09be5c37d46086fc1eb41321a94e012262e8ccd325d2e46046
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(79250);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/03");
script_cve_id("CVE-2014-3262");
script_bugtraq_id(67399);
script_xref(name:"CISCO-BUG-ID", value:"CSCun73782");
script_name(english:"Cisco IOS XE LISP ITR DoS (CSCun73782)");
script_summary(english:"Checks IOS XE version.");
script_set_attribute(attribute:"synopsis", value:
"The remote device is running a vulnerable IOS XE version.");
script_set_attribute(attribute:"description", value:
"The remote Cisco device is potentially affected by an issue related to
the handling of certain parameters in Locator/ID Separation Protocol
(LISP) control messages sent to the ingress tunnel router (ITR)
component. A remote, unauthenticated attacker could exploit this issue
by sending specially crafted LISP control messages to cause a denial
of service.");
# https://tools.cisco.com/security/center/viewAlert.x?alertId=34233
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1b307af3");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=34233");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID
CSCun73782.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3262");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/14");
script_set_attribute(attribute:"patch_publication_date", value:"2014/05/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/14");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2014-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_xe_version.nasl");
script_require_keys("Host/Cisco/IOS-XE/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
version = get_kb_item_or_exit("Host/Cisco/IOS-XE/Version");
if (version !~ "^3\.10\.[0-2]S$" && version !~ "^3\.11\.[01]S$") audit(AUDIT_INST_VER_NOT_VULN, "Cisco IOS XE software", version);
flag = FALSE;
override = FALSE;
if (get_kb_item("Host/local_checks_enabled"))
{
buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config");
if (check_cisco_result(buf))
{
if (preg(multiline:TRUE, pattern:"^\s+ipv[46]\sitr(\s|$)", string:buf))
flag = TRUE;
}
else if (cisco_needs_enable(buf)) override = TRUE;
}
if (!flag && !override) audit(AUDIT_HOST_NOT, "affected");
if (report_verbosity > 0)
{
report =
'\n Cisco Bug ID : CSCun73782' +
'\n Installed release : ' + version +
'\n';
security_warning(port:0, extra:report+cisco_caveat(override));
}
else security_warning(port:0, extra:cisco_caveat(override));