Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability (cisco-sa-20120215-nxos)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Cisco NX-OS Software is affected by a denial of service (DoS)
vulnerability that could cause Cisco Nexus 1000v, 1010, 5000, and 7000
Series Switches, and the Cisco Virtual Security Gateway (VSG) for
Nexus 1000V Series Switches, that are running affected versions of
Cisco NX-OS Software to reload when the IP stack processes a malformed
IP packet. Cisco has released free software updates that address this
vulnerability.

See also :

http://www.nessus.org/u?deffebbc

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20120215-nxos.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 66698 ()

Bugtraq ID: 52027

CVE ID: