This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch
The performance of Cisco 12000 series routers can be degraded when they
have to send a large number of ICMP unreachable packets. This situation
usually can occur during heavy network scanning. This vulnerability is
tracked by three different bug IDs: CSCdr46528 ( registered customers
only) , CSCdt66560 ( registered customers only) , and CSCds36541 (
registered customers only) . Each bug ID is assigned to a different
Engine the line card is based upon.
The rest of the Cisco routers and switches are not affected by this
vulnerability. It is specific for Cisco 12000 Series.
No other Cisco product is vulnerable.
The workaround is to either prevent the router from sending unreachable
Internet Control Message Protocol (ICMPs) at all or to rate limit them.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true