This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch
Certain versions of Cisco IOS software may crash or hang when they
receive invalid user datagram protocol (UDP) packets sent to their
"syslog" ports (port 514). At least one commonly-used Internet scanning
tool generates packets which can cause such crashes and hangs. This
fact has been announced on public Internet mailing lists which are
widely read both by security professionals and by security "crackers",
and should be considered public information.
This vulnerability affects devices running Cisco IOS software version
11.3AA, version 11.3DB, or any 12.0-based version (including 12.0
mainline, 12.0S, 12.0T, and any other regular released version whose
number starts with "12.0"). The vulnerability has been corrected in
certain special releases, and will be corrected in maintenance and
interim releases which will be issued in the future
see the section on
"Software Versions and Fixes" for details on which versions are
affected, and on which versions are, or will be, fixed. Cisco intends
to provide fixes for all affected IOS variants.
There is a configuration workaround for this vulnerability.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Nessus Plugin ID: 48946 (cisco-sa-19990111-ios-sysloghttp.nasl)
Bugtraq ID: 675
CVE ID: CVE-1999-0063
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.