Cisco IOS OSPF Packet Handling DoS (CSCec16481)

This script is (C) 2004-2016 Tenable Network Security, Inc. and George Theall

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The target is a Cisco device running a version of IOS that is vulnerable
to a DoS attack from a malformed OSPF packet. Given knowledge of OSPF
area number, netmask, hello, and dead timers that are configured on the
targeted interface, a remote attacker can send a malformed OSPF packet and
cause the device to be reset, which may take several minutes. Note,
though, that the OSPF protocol is not enabled by default.

This vulnerability is documented as Cisco Bug ID CSCec16481.

Solution :

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.8
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 14337 (CSCec16481.nasl)

Bugtraq ID: 10971

CVE ID: CVE-2004-1454

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now