CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
EPSS
Percentile
44.8%
The remote Cisco device potentially contains an issue in the SNMP module which may allow remote authenticated users to cause a denial of service (device reload) via continuous SNMP polling requests.
#TRUSTED 3b841dba05278b789f803028996c48390c696376b23dad23adc34528b9ae60f1ca81dfd642c574e8e87e4aa5304d6fcf7cffa20941ad1c44d90cebf8769f0e416ba2da9a32b436155f8fd9fb1da8c9f1a9a587bb40ffba7c7a90242d15d5884ae168da726d3d55294f90b7ee18b80c0437127d57db584c07feebd23b5061ddb4b8ede6886affa445e188d72a7e0a05353c25a47947e53898531ffc03d423da52bc754456a29c0243e715314e33454196ee34a37c5e553bb4715b09c1bec6ca752f1397731716426b783b5f88ce756800d8e42c4a78cd3db8347e802bae57930ded0d1f0cf93153486cf884e8632117939848fb27c4b2365763f1838638e3c101e3bdfbfb94035aeb16ffee871f52a81e1df4ff17cfe1f045bcf8bb75e91d56d64c53e9ecbf01c89fbf2f8c54b5acbd012d6230333d1dd0e2f6d7f2490cc08577b71a4ff2a0476f413ad737f0a13dcdf5627b593e67da8e344234758e77dcc5230f70d66e9e02bee8d5b6712b1cf9a9ebd806b360e183c2ac2592e4cc22e12b0f58881f09cd7dd1b3716d669250a1bdc0fbca4a29d0c9e60993a972bc55cacc3504daa5fe80460feed66c0518ff1d73d52ee07daaff3887ec16c616f0a5acf9ca70639796034c416cc6833e0c9c0b40ca328ec0c83a99e73a7083e456da339f862b0be8feff9d329d16c1eca1586c9d64339ee35d2ba78d6d4154f3d927a008f9
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(76968);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2018/11/15");
script_cve_id("CVE-2014-3269");
script_bugtraq_id(67459);
script_xref(name:"CISCO-BUG-ID", value:"CSCug65204");
script_name(english:"Cisco IOS SNMP DoS (CSCug65204)");
script_summary(english:"Checks the IOS version.");
script_set_attribute(attribute:"synopsis", value:"The remote device is affected by a denial of service vulnerability.");
script_set_attribute(attribute:"description", value:
"The remote Cisco device potentially contains an issue in the SNMP
module which may allow remote authenticated users to cause a denial of
service (device reload) via continuous SNMP polling requests.");
# https://tools.cisco.com/security/center/viewAlert.x?alertId=34268
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?252ae070");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=34268");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID
CSCug65204.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/05/16");
script_set_attribute(attribute:"patch_publication_date", value:"2014/05/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
flag = 0;
override = 0;
# According to CSCug65204, the follow releases are affected :
# 15.1(2)SG, 15.1(2.0), 15.2(1)E, and 15.1(1)SG
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
if (
version == '15.1(2)SG' ||
version == '15.1(2.0)' ||
version == '15.2(1)E' ||
version == '15.1(1)SG'
) flag++;
if (flag)
{
flag = 0;
# Check for SUP7E or SUP7L-E modules
if (get_kb_item("Host/local_checks_enabled"))
{
buf = cisco_command_kb_item("Host/Cisco/Config/show_module", "show module");
if (check_cisco_result(buf))
{
if (preg(pattern:"WS-X45-SUP7L?-E ", multiline:TRUE, string:buf)) flag++;
}
else if (cisco_needs_enable(buf))
{
flag++;
override++;
}
}
# Check for 4500-X model
model = get_kb_item_or_exit("Host/Cisco/IOS/Model");
if (model =~ "Catalyst 45[0-9][0-9]-X($|[^0-9])") flag++;
}
if (flag)
{
if (report_verbosity > 0)
{
report =
'\n Cisco Bug ID : CSCug65204' +
'\n Installed release : ' + version +
'\n';
security_warning(port:0, extra:report + cisco_caveat(override));
}
else security_warning(port:0, extra:cisco_caveat(override));
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");