Cisco IOS Software Multicast Source Discovery Protocol DoS (cisco-sa-20120328-msdp)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Cisco IOS
device is affected by a denial of service vulnerability in the
Multicast Source Discovery Protocol (MSDP) implementation. An
unauthenticated, remote attacker can exploit this, via an MSDP packet
containing encapsulated IGMP data, to cause the device to reload.

See also :

Solution :

Upgrade to the relevant fixed version referenced in Cisco Security
Advisory cisco-sa-20120328-msdp. Alternatively, apply the workarounds
detailed in the vendor advisory.

Risk factor :

High / CVSS Base Score : 7.1
CVSS Temporal Score : 5.9
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 58568 ()

Bugtraq ID: 52759

CVE ID: CVE-2012-0382

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now