Cisco Intrusion Prevention System MainApp SSL/TLS DoS (cisco-sa-20150311-ips)

Severity: High (Nessus Plugin ID 81972)

Synopsis

The remote security appliance is missing a vendor-supplied security patch.

Description

According to its self-reported version, the Cisco Intrusion Prevention System software running on the remote host is affected by a denial of service vulnerability in the SSL/TLS subsystem, caused by a race condition when handling multiple HTTPS requests on the management interface. By negotiating a number of HTTPS connections with the management interface, a remote attacker can cause the MainApp process to become unresponsive, resulting in a denial of service condition and general system failure.

Solution

Apply the relevant update referenced in Cisco bug ID CSCuq40652.

See Also

http://www.nessus.org/u?b340dfc9

Plugin Details

Severity: High

ID: 81972

File Name: cisco-sa-20150311-ipa.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 3/20/2015

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:cisco:intrusion_prevention_system

Required KB Items: Host/Cisco/IPS/Version, Host/Cisco/IPS/Model

Exploit Ease: No known exploits are available

Patch Publication Date: 3/11/2015

Vulnerability Publication Date: 3/11/2015

Reference Information

CVE: CVE-2015-0654

BID: 73042

CISCO-SA: cisco-sa-20150311-ips

IAVA: 2015-A-0059

CISCO-BUG-ID: CSCuq40652