Cisco Multiple Devices Crafted IP Option Remote Code Execution (CSCeh52410)

Critical Nessus Plugin ID 24741

Synopsis

Arbitrary code can be executed on the remote CISCO device.

Description

The remote version of IOS contains a flaw that could cause the remote router to crash when processing specially malformed IP packets.

An attacker might use these flaws to execute arbitrary code on the remote routers.

Solution

http://www.nessus.org/u?f4359412

Plugin Details

Severity: Critical

ID: 24741

File Name: CSCeh52410.nasl

Version: 1.21

Type: local

Family: CISCO

Published: 2007/03/01

Updated: 2018/06/27

Dependencies: 10969, 10800

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: SNMP/community, SNMP/sysDesc, CISCO/model

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2007/01/24

Reference Information

CVE: CVE-2007-0480

BID: 22211