How to Buy
This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
According to its self-reported version, the version of Cisco IOS
running on the remote host is affected by multiple denial of service
vulnerabilities in the Network Address Translation (NAT)
- An issue exists in the TCP Input module due to the
improper handling of certain sequences of TCP packets.
An unauthenticated, remote attacker could potentially
exploit this issue by sending a specific sequence of
IPv4 TCP packets resulting in a denial of service.
- An issue exists in the Application Layer Gateway (ALG)
module due to the improper handling of malformed DNS
packets during the NAT procedure. An unauthenticated,
remote attacker could potentially exploit this issue by
sending malformed IPv4 DNS packets resulting in a denial
of service. (CVE-2014-2111)
Note that IPv6 packets cannot be used to exploit these issues.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : true
Nessus Plugin ID: 73345 ()
Bugtraq ID: 66470
CVE ID: CVE-2014-2109CVE-2014-2111
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.