Detections
Analytics

Multiple Vulnerabilities in Cisco Intrusion Prevention System Software (cisco-sa-20130717-ips)

high Nessus Plugin ID 69103

Language:

Synopsis

The remote security appliance is missing a vendor-supplied patch.

Description

According to its self-reported version, the version of the Cisco Intrusion Prevention System Software running on the remote host has the following vulnerabilities :

 - The IP stack in Cisco IPS Software could allow remote attackers to cause a denial of service (DoS) condition via malformed IPv4 packets. (CVE-2013-1243)

 - Cisco IPS Software could allow remote attackers to cause a DoS condition via fragmented IPv4 or IPv6 packets.
 (CVE-2013-1218)

 - Cisco IPS Software on some IPS NME devices could allow remote attackers to cause a DoS condition via malformed IPv4 packets that trigger incorrect memory allocation.
 (CVE-2013-3410)

 - The IDSM-2 drivers in Cisco IPS Software on Cisco Catalyst 6500 devices with an IDSM-2 module could allow remote attackers to cause a DoS condition via malformed IPv4 TCP packets. (CVE-2013-3411)

Solution

Apply the relevant update referenced in Cisco Security Advisory cisco-sa-20130717-ips.

See Also

http://www.nessus.org/u?3770250e

Plugin Details

Severity: High

ID: 69103

File Name: cisco-sa-20130717-ips.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 7/29/2013

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:cisco:intrusion_prevention_system

Required KB Items: Host/Cisco/IPS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 7/17/2013

Vulnerability Publication Date: 7/17/2013

Reference Information

CVE: CVE-2013-1218, CVE-2013-1243, CVE-2013-3410, CVE-2013-3411

BID: 61294, 61299, 61300, 61301