Detections
Analytics
Multiple Vulnerabilities in Cisco Intrusion Prevention System Software (cisco-sa-20140219-ips)
high Nessus Plugin ID 72705
Language:
Synopsis
The remote security appliance is missing a vendor-supplied patch.Description
According to its self-reported version, the version of the Cisco Intrusion Prevention System software running on the remote is affected by the following denial of service vulnerabilities :- The Analysis Engine can become unresponsive due to improper handling of fragmented packets processed through the device. The device is only affected when the 'produce-verbose-alert' action is enabled.
(CVE-2014-0718)
- The MainApp can become unresponsive due to improper handling of malformed TCP packets sent to the management interface. Other critical tasks such as alert notification, event store management, sensor authentication, and the Analysis Engine can become unresponsive as well. (CVE-2014-0719)
- The Analysis Engine can become unresponsive due to improper handling of jumbo frames sent at a high rate.
(CVE-2014-0720)
An unauthenticated, remote attacker can exploit these issues to cause a denial of service.
Solution
Apply the relevant update referenced in Cisco Security Advisory cisco-sa-20140219-ips.See Also
Plugin Details
Severity: High
ID: 72705
File Name: cisco-sa-20140219-ips.nasl
Version: 1.7
Type: local
Family: CISCO
Published: 2/26/2014
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: cpe:/a:cisco:intrusion_prevention_system
Required KB Items: Host/Cisco/IPS/Version, Host/Cisco/IPS/Model
Exploit Ease: No known exploits are available
Patch Publication Date: 10/9/2013
Vulnerability Publication Date: 2/19/2014