Multiple Vulnerabilities Found by PROTOS IPSec Test Suite - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Multiple Cisco products contain vulnerabilities in the processing of
IPSec IKE (Internet Key Exchange) messages. These vulnerabilities were
identified by the University of Oulu Secure Programming Group (OUSPG)
"PROTOS" Test Suite for IPSec and can be repeatedly exploited to
produce a denial of service.
Cisco has made free software available to address this vulnerability
for affected customers. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.

See also :

Solution :

Apply the relevant patch referenced in Cisco Security Advisory

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 7.0
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 48990 (cisco-sa-20051114-ipsec.nasl)

Bugtraq ID: 15401

CVE ID: CVE-2005-3669

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now