Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720

high Nessus Plugin ID 49014

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

Certain Cisco Catalyst 6500 Series and Cisco 7600 Router devices that run branches of Cisco IOS based on 12.2 can be vulnerable to a denial of service vulnerability that can prevent any traffic from entering an affected interface. For a device to be vulnerable, it must be configured for Open Shortest Path First (OSPF) Sham-Link and Multi Protocol Label Switching (MPLS) Virtual Private Networking (VPN). This vulnerability only affects Cisco Catalyst 6500 Series or Catalyst 7600 Series devices with the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720) or Route Switch Processor 720 (RSP720) modules. The Supervisor 32, Supervisor 720, Supervisor 720-3B, Supervisor 720-3BXL, Route Switch Processor 720, Route Switch Processor 720-3C, and Route Switch Processor 720-3CXL are all potentially vulnerable.
OSPF and MPLS VPNs are not enabled by default.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20080326-queue.

See Also

http://www.nessus.org/u?0983c385

http://www.nessus.org/u?c0565f82

Plugin Details

Severity: High

ID: 49014

File Name: cisco-sa-20080326-queuehttp.nasl

Version: 1.18

Type: local

Family: CISCO

Published: 9/1/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/26/2008

Vulnerability Publication Date: 3/26/2008

Reference Information

CVE: CVE-2008-0537

BID: 28463

CISCO-SA: cisco-sa-20080326-queue

CISCO-BUG-ID: CSCsf12082