Lucene search
This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.CISCO_IOS_CSCTX77750.NASLHistoryAug 17, 2012 - 12:00 a.m.
Cisco IOS MMoH Information Leak
2012-08-1700:00:00
This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
www.tenable.com
36
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.003
Percentile
66.1%
The remote Cisco IOS device has an information leak vulnerability. When the H.323 Multicast Music on Hold feature is enabled and in use, PSTN callers may be able to hear crosstalk.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(61577);
script_version("1.5");
script_cvs_date("Date: 2018/07/06 11:26:05");
script_cve_id("CVE-2012-1361");
script_bugtraq_id(54828);
script_xref(name:"CISCO-BUG-ID", value:"CSCtx77750");
script_name(english:"Cisco IOS MMoH Information Leak");
script_summary(english:"Checks IOS version");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"The remote Cisco IOS device has an information leak vulnerability.
When the H.323 Multicast Music on Hold feature is enabled and in use,
PSTN callers may be able to hear crosstalk."
);
# http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtx77750
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?960b5c9f");
script_set_attribute(
attribute:"solution",
value:
"Upgrade to one of the non-vulnerable versions listed in the bug
details for CSCtx77750."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/06");
script_set_attribute(attribute:"patch_publication_date", value:"2012/08/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/17");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
version = get_kb_item_or_exit("Host/Cisco/IOS/Version");
if (version == '15.0(1)XA1')
security_warning(0);
else if (version == '15.0(1)XA2')
security_warning(0);
else if (version == '15.0(1)XA3')
security_warning(0);
else if (version == '15.0(1)XA4')
security_warning(0);
else if (version == '15.0(1)XA5')
security_warning(0);
else if (version == '15.1(4r)')
security_warning(0);
else if (version == '15.1(4r)M1')
security_warning(0);
else if (version == '15.1(1)T')
security_warning(0);
else if (version == '15.1(1)T1')
security_warning(0);
else if (version == '15.1(1)T2')
security_warning(0);
else if (version == '15.1(1)T3')
security_warning(0);
else if (version == '15.1(1)T4')
security_warning(0);
else if (version == '15.1(1r)T1')
security_warning(0);
else if (version == '15.1(1r)T2')
security_warning(0);
else if (version == '15.1(1r)T3')
security_warning(0);
else if (version == '15.1(1r)T4')
security_warning(0);
else if (version == '15.1(2)T')
security_warning(0);
else if (version == '15.1(2)T0a')
security_warning(0);
else if (version == '15.1(2)T1')
security_warning(0);
else if (version == '15.1(2)T2')
security_warning(0);
else if (version == '15.1(2)T2a')
security_warning(0);
else if (version == '15.1(2)T3')
security_warning(0);
else if (version == '15.1(2)T4')
security_warning(0);
else if (version == '15.1(3)T')
security_warning(0);
else if (version == '15.1(3)T1')
security_warning(0);
else if (version == '15.1(3)T2')
security_warning(0);
else if (version == '15.1(3)T3')
security_warning(0);
else if (version == '15.1(2)GC')
security_warning(0);
else if (version == '15.1(2)GC1')
security_warning(0);
else if (version == '15.1(2r)GC')
security_warning(0);
else if (version == '15.1(2r)GC1')
security_warning(0);
else if (version == '15.1(1)XB')
security_warning(0);
else if (version == '15.1(1)XB1')
security_warning(0);
else if (version == '15.1(1)XB2')
security_warning(0);
else if (version == '15.1(1)XB3')
security_warning(0);
else if (version == '15.1(9999)CCAI')
security_warning(0);
else
audit(AUDIT_HOST_NOT, "affected");
Related
prion
prion
Code injection
2012-08-06 18:55:00
cvelist
cvelist
CVE-2012-1361
2012-08-06 18:00:00
nvd
nvd
CVE-2012-1361
2012-08-06 18:55:01
cisco
cisco
Cisco IOS Software Music on Hold Information Disclosure Vulnerability
2012-08-23 17:52:43
cve
cve
CVE-2012-1361
2012-08-06 18:55:01
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.003
Percentile
66.1%
Related for CISCO_IOS_CSCTX77750.NASL