Cisco IOS XE Software Resource Reservation Protocol Interface Queue Wedge Vulnerability (cisco-sa-20130925-rsvp)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

A vulnerability in the Resource Reservation Protocol (RSVP) feature
of Cisco IOS XE Software allows an unauthenticated, remote attacker to
trigger an interface queue wedge on the affected device. The
vulnerability is due to improper parsing of UDP RSVP packets. An
attacker can exploit this vulnerability by sending UDP port 1698 RSVP
packets to the vulnerable device. An exploit can cause Cisco IOS XE
software to incorrectly process incoming packets, resulting in an
interface queue wedge, which can lead to loss of connectivity, loss
of routing protocol adjacency, and other denial of service (DoS)
conditions. Cisco has released free software updates that address this
vulnerability. Workarounds that mitigate this vulnerability are

Note that this plugin checks for an affected IOS XE version and does
not attempt to perform any additional validity checks.

See also :

Solution :

Apply the relevant patch referenced in Cisco security advisory

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 70312 ()

Bugtraq ID: 62646

CVE ID: CVE-2013-5478

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now