Cisco IOS CDP Neighbor Announcement DoS

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

There is a vulnerability in how Cisco routers handle CDP. By sending
a large amount of CDP neighbor announcements it is possible to consume
all of the router's available memory.

Note that a device would need to be configured to use CDP and an
attacker would need to be on the same segment as the target router in
order to exploit this vulnerability.

See also :

http://archives.neohapsis.com/archives/bugtraq/2001-10/0062.html
http://www.nessus.org/u?dddb2797

Solution :

Apply the relevant patch references in the Cisco Security Advisory.

Risk factor :

Low / CVSS Base Score : 3.3
(CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 2.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 17793 ()

Bugtraq ID: 3412

CVE ID: CVE-2001-1071