Vulnerabilities in SNMP Message Processing - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Cisco Internetwork Operating System (IOS) Software release trains
12.0S, 12.1E, 12.2, 12.2S, 12.3, 12.3B and 12.3T may contain a
vulnerability in processing SNMP requests which, if exploited, could
cause the device to reload.
The vulnerability is only present in certain IOS releases on Cisco
routers and switches. This behavior was introduced via a code change
and is resolved with CSCed68575.
This vulnerability can be remotely triggered. A successful
exploitation of this vulnerability may cause a reload of the device and
could be exploited repeatedly to produce a denial of service (DoS).

See also :

http://www.nessus.org/u?9235a09c
http://www.nessus.org/u?40eebe65

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20040420-snmp.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.0
(CVSS2#E:U/RL:W/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 48974 (cisco-sa-20040420-snmp.nasl)

Bugtraq ID: 10186

CVE ID: CVE-2004-0714