Cisco IOS XE Software Internet Key Exchange Memory Leak Vulnerability (cisco-sa-20130925-ike)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

A vulnerability in the Internet Key Exchange (IKE) protocol of Cisco
IOS XE Software could allow an unauthenticated, remote attacker to cause
a memory leak that could lead to a device reload. The vulnerability is
due to incorrect handling of malformed IKE packets by the affected
software. An attacker could exploit this vulnerability by sending
crafted IKE packets to a device configured with features that leverage
IKE version 1 (IKEv1). Although IKEv1 is automatically enabled on
Cisco IOS XE Software when IKEv1 or IKE version 2 (IKEv2) is configured,
the vulnerability can be triggered only by sending a malformed IKEv1
packet. In specific conditions, normal IKEv1 packets can also cause an
affected release of Cisco IOS XE Software to leak memory. Only IKEv1 is
affected by this vulnerability. An exploit could cause Cisco IOS XE
Software not to release allocated memory, causing a memory leak. A
sustained attack may result in a device reload. Cisco has released free
software updates that address this vulnerability. There are no
workarounds to mitigate this vulnerability.

See also :

http://www.nessus.org/u?e5c40d83

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20130925-ike.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 70317

Bugtraq ID: 62643

CVE ID: CVE-2013-5473