Cisco IOS IKE Module DoS

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The Cisco Internet Key Exchange (IKE) module has a denial of service
vulnerability. According to its self-reported IOS version, the remote
device may be affected by this vulnerability. The IKE module does not
handle specially crafted main mode packets and can allow established
IKE security associations to be damaged.

See also :

http://www.nessus.org/u?dc5a5c78
http://tools.cisco.com/security/center/viewAlert.x?alertId=33639

Solution :

Contact Cisco for updated software.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 73736 ()

Bugtraq ID: 66628

CVE ID: CVE-2014-2143