Cisco Global Site Selector Appliances DNS Vulnerability (cisco-sa-20090107-gss)

medium Nessus Plugin ID 68961

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco Application Control Engine Global Site Selector (GSS) contains a denial of service (DoS) issue when processing specific Domain Name System (DNS) requests.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20090107-gss.

See Also

http://www.nessus.org/u?0686f1ca

Plugin Details

Severity: Medium

ID: 68961

File Name: cisco-sa-20090107-gss.nasl

Version: 1.11

Type: local

Family: CISCO

Published: 7/18/2013

Updated: 1/26/2022

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/h:cisco:gss_4490_global_site_selector, cpe:/h:cisco:gss_4491_global_site_selector, cpe:/h:cisco:gss_4492r_global_site_selector, cpe:/h:cisco:gss_4480_global_site_selector

Required KB Items: Host/Cisco/GSS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/7/2009

Vulnerability Publication Date: 1/7/2009

Reference Information

CVE: CVE-2008-3819

BID: 33152

CISCO-SA: cisco-sa-20090107-gss

IAVT: 2009-T-0004-S

CISCO-BUG-ID: CSCsj70093