ICMP Unreachable Vulnerability in Cisco 12000 Series Internet Router - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The performance of Cisco 12000 series routers can be degraded when they
have to send a large number of ICMP unreachable packets. This situation
can usually occur during heavy network scanning. This vulnerability is
tracked by three different bug IDs: CSCdr46528, CSCdt66560, and
CSCds36541. Each bug ID corresponds to a different Engine on which the
line card is based.
Other Cisco routers and switches are not affected by this
vulnerability. It is specific to the Cisco 12000 Series.
No other Cisco product is vulnerable.
The workaround is to either prevent the router from sending Internet
Control Message Protocol (ICMP) unreachable messages at all or to rate
limit them.

See also :

http://www.nessus.org/u?e37ea3d2
http://www.nessus.org/u?64a44880

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20011114-gsr-unreachable.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 48960 (cisco-sa-20011114-gsr-unreachablehttp.nasl)

Bugtraq ID: 3534

CVE ID: CVE-2001-0861