Detections
Analytics
Cisco IOS XE GNU C Library (glibc) Buffer Overflow (CSCus69732) (GHOST)
critical Nessus Plugin ID 81594
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
The remote Cisco device is running a version of Cisco IOS XE software that is affected by a heap-based buffer overflow vulnerability in the GNU C Library (glibc) due to improperly validated user-supplied input to the __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2() functions. This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.Note that only the following devices are listed as affected :
- Cisco ASR 1000 Series Aggregation Services Routers
- Cisco ASR 920 Series Aggregation Services Routers
- Cisco ASR 900 Series Aggregation Services Routers
- Cisco 4400 Series Integrated Services Routers
- Cisco 4300 Series Integrated Services Routers
- Cisco Cloud Services Router 1000V Series
Solution
Apply the relevant patch referenced in Cisco bug ID CSCus69732.See Also
https://tools.cisco.com/bugsearch/bug/CSCus69732
Plugin Details
Severity: Critical
ID: 81594
File Name: cisco-sa-20150128-ghost-iosxe_multi.nasl
Version: 1.10
Type: local
Family: CISCO
Published: 3/2/2015
Updated: 11/25/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.8
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2015-0235
Vulnerability Information
CPE: cpe:/o:cisco:ios_xe
Required KB Items: Host/Cisco/IOS-XE/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/20/2015
Vulnerability Publication Date: 1/27/2015
Exploitable With
Core Impact
Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)
Reference Information
CVE: CVE-2015-0235
BID: 72325