Cisco IOS OSPF Packet Handling DoS (CSCec16481)

This script is (C) 2004-2016 Tenable Network Security, Inc. and George Theall

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The target is a Cisco device running a version of IOS that is vulnerable
to a DoS attack from a malformed OSPF packet. Given knowledge of OSPF
area number, netmask, hello, and dead timers that are configured on the
targeted interface, a remote attacker can send a malformed OSPF packet and
cause the device to be reset, which may take several minutes. Note,
though, that the OSPF protocol is not enabled by default.

This vulnerability is documented as Cisco Bug ID CSCec16481.

Solution :

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.8
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 14337 (CSCec16481.nasl)

Bugtraq ID: 10971

CVE ID: CVE-2004-1454

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial