Vulnerabilities > CVE-2005-0197 - Configuration vulnerability in Cisco IOS
Attack vector
ADJACENT_NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 5 |
Common Weakness Enumeration (CWE)
Nessus
NASL family CISCO NASL id CISCO-SA-20050126-LESHTTP.NASL description Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on interfaces where MPLS is not configured. A system that supports MPLS is vulnerable even if that system is not configured for MPLS. The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable. Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects. last seen 2020-06-01 modified 2020-06-02 plugin id 48982 published 2010-09-01 reporter This script is (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48982 title Crafted Packet Causes Reload on Cisco Routers code # # (C) Tenable Network Security, Inc. # # Security advisory is (C) CISCO, Inc. # See https://www.cisco.com/en/US/products/products_security_advisory09186a00803be77c.shtml if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(48982); script_version("1.13"); script_cve_id("CVE-2005-0197"); script_bugtraq_id(12369); script_xref(name:"CERT", value:"583638"); script_xref(name:"CISCO-BUG-ID", value:"CSCeb56909"); script_xref(name:"CISCO-BUG-ID", value:"CSCec86420"); script_xref(name:"CISCO-SA", value:"cisco-sa-20050126-les"); script_name(english:"Crafted Packet Causes Reload on Cisco Routers"); script_set_attribute(attribute:"synopsis", value: "The remote device is missing a vendor-supplied security patch." ); script_set_attribute(attribute:"description", value: 'Cisco Routers running Internetwork Operating System (IOS) that supports Multi Protocol Label Switching (MPLS) are vulnerable to a Denial of Service (DoS) attack on interfaces where MPLS is not configured. A system that supports MPLS is vulnerable even if that system is not configured for MPLS. The vulnerability is only present in Cisco IOS release trains based on 12.1T, 12.2, 12.2T, 12.3 and 12.3T. Releases based on 12.1 mainline, 12.1E and all releases prior to 12.1 are not vulnerable. Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects.' ); script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?d6d89359"); # https://www.cisco.com/en/US/products/products_security_advisory09186a00803be77c.shtml script_set_attribute(attribute:"see_also", value: "http://www.nessus.org/u?77bb5d40"); script_set_attribute(attribute:"solution", value: "Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20050126-les." ); script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(16); script_set_attribute(attribute:"plugin_type", value: "local"); script_set_attribute(attribute:"cpe", value: "cpe:/o:cisco:ios"); script_set_attribute(attribute:"vuln_publication_date", value: "2005/01/26"); script_set_attribute(attribute:"patch_publication_date", value: "2005/01/26"); script_set_attribute(attribute:"plugin_publication_date", value: "2010/09/01"); script_cvs_date("Date: 2018/11/15 20:50:20"); script_end_attributes(); script_summary(english:"Uses SNMP to determine if a flaw is present"); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is (C) 2010-2018 Tenable Network Security, Inc."); script_family(english:"CISCO"); script_dependencie("cisco_ios_version.nasl"); script_require_keys("Host/Cisco/IOS/Version"); exit(0); } include("cisco_func.inc"); # version = get_kb_item_or_exit("Host/Cisco/IOS/Version"); if (version == '12.3(2)XA4') security_warning(0); else if (version == '12.3(2)T4') security_warning(0); else if (version == '12.3(2)T3') security_warning(0); else if (version == '12.3(2)T2') security_warning(0); else if (version == '12.3(2)T1') security_warning(0); else if (version == '12.3(2)T') security_warning(0); else if (version == '12.3(1a)BW') security_warning(0); else if (version == '12.3(3)B1') security_warning(0); else if (version == '12.3(3)B') security_warning(0); else if (version == '12.3(1a)B') security_warning(0); else if (version == '12.3(3e)') security_warning(0); else if (version == '12.3(3c)') security_warning(0); else if (version == '12.3(3b)') security_warning(0); else if (version == '12.3(3a)') security_warning(0); else if (version == '12.3(3)') security_warning(0); else if (version == '12.3(1a)') security_warning(0); else if (version == '12.3(1)') security_warning(0); else if (version == '12.2(15)ZJ5') security_warning(0); else if (version == '12.2(15)ZJ3') security_warning(0); else if (version == '12.2(15)ZJ2') security_warning(0); else if (version == '12.2(15)ZJ1') security_warning(0); else if (version == '12.2(15)ZJ') security_warning(0); else if (version == '12.2(13)ZE') security_warning(0); else if (version == '12.2(13)ZD4') security_warning(0); else if (version == '12.2(13)ZD3') security_warning(0); else if (version == '12.2(13)ZD2') security_warning(0); else if (version == '12.2(13)ZD1') security_warning(0); else if (version == '12.2(13)ZD') security_warning(0); else if (version == '12.2(14)ZA7') security_warning(0); else if (version == '12.2(14)ZA6') security_warning(0); else if (version == '12.2(14)ZA5') security_warning(0); else if (version == '12.2(14)ZA4') security_warning(0); else if (version == '12.2(14)ZA3') security_warning(0); else if (version == '12.2(14)ZA2') security_warning(0); else if (version == '12.2(14)ZA1') security_warning(0); else if (version == '12.2(14)ZA') security_warning(0); else if (version == '12.2(9)ZA') security_warning(0); else if (version == '12.2(11)YZ2') security_warning(0); else if (version == '12.2(11)YZ1') security_warning(0); else if (version == '12.2(11)YZ') security_warning(0); else if (version == '12.2(8)YY4') security_warning(0); else if (version == '12.2(8)YY3') security_warning(0); else if (version == '12.2(8)YY2') security_warning(0); else if (version == '12.2(8)YY1') security_warning(0); else if (version == '12.2(8)YY') security_warning(0); else if (version == '12.2(11)YX1') security_warning(0); else if (version == '12.2(11)YX') security_warning(0); else if (version == '12.2(11)YT2') security_warning(0); else if (version == '12.2(11)YT1') security_warning(0); else if (version == '12.2(11)YT') security_warning(0); else if (version == '12.2(8)YN') security_warning(0); else if (version == '12.2(8)YJ') security_warning(0); else if (version == '12.2(8)YD3') security_warning(0); else if (version == '12.2(8)YD2') security_warning(0); else if (version == '12.2(8)YD1') security_warning(0); else if (version == '12.2(8)YD') security_warning(0); else if (version == '12.2(4)XV5') security_warning(0); else if (version == '12.2(4)XV4a') security_warning(0); else if (version == '12.2(4)XV4') security_warning(0); else if (version == '12.2(4)XV3') security_warning(0); else if (version == '12.2(4)XV2') security_warning(0); else if (version == '12.2(4)XV1') security_warning(0); else if (version == '12.2(4)XV') security_warning(0); else if (version == '12.2(2)XU') security_warning(0); else if (version == '12.2(2)XT3') security_warning(0); else if (version == '12.2(2)XT2') security_warning(0); else if (version == '12.2(2)XT') security_warning(0); else if (version == '12.2(2)XN') security_warning(0); else if (version == '12.2(4)XL6') security_warning(0); else if (version == '12.2(4)XL5') security_warning(0); else if (version == '12.2(4)XL4') security_warning(0); else if (version == '12.2(4)XL3') security_warning(0); else if (version == '12.2(4)XL') security_warning(0); else if (version == '12.2(2)XK3') security_warning(0); else if (version == '12.2(2)XK2') security_warning(0); else if (version == '12.2(2)XK') security_warning(0); else if (version == '12.2(2)XG1') security_warning(0); else if (version == '12.2(2)XG') security_warning(0); else if (version == '12.2(4)XF1') security_warning(0); else if (version == '12.2(2)XB8') security_warning(0); else if (version == '12.2(2)XB7') security_warning(0); else if (version == '12.2(2)XB6') security_warning(0); else if (version == '12.2(2)XB5') security_warning(0); else if (version == '12.2(2)XB3') security_warning(0); else if (version == '12.2(2)XB2') security_warning(0); else if (version == '12.2(2)XB15') security_warning(0); else if (version == '12.2(2)XB14') security_warning(0); else if (version == '12.2(2)XB12') security_warning(0); else if (version == '12.2(2)XB11') security_warning(0); else if (version == '12.2(2)XB10') security_warning(0); else if (version == '12.2(2)XB1') security_warning(0); else if (version == '12.2(2)XA5') security_warning(0); else if (version == '12.2(2)XA4') security_warning(0); else if (version == '12.2(2)XA3') security_warning(0); else if (version == '12.2(2)XA2') security_warning(0); else if (version == '12.2(2)XA1') security_warning(0); else if (version == '12.2(2)XA') security_warning(0); else if (version == '12.2(15)T5') security_warning(0); else if (version == '12.2(15)T4e') security_warning(0); else if (version == '12.2(15)T4') security_warning(0); else if (version == '12.2(15)T2') security_warning(0); else if (version == '12.2(15)T1') security_warning(0); else if (version == '12.2(15)T') security_warning(0); else if (version == '12.2(13)T9') security_warning(0); else if (version == '12.2(13)T8') security_warning(0); else if (version == '12.2(13)T5') security_warning(0); else if (version == '12.2(13)T4') security_warning(0); else if (version == '12.2(13)T3') security_warning(0); else if (version == '12.2(13)T2') security_warning(0); else if (version == '12.2(13)T13') security_warning(0); else if (version == '12.2(13)T12') security_warning(0); else if (version == '12.2(13)T11') security_warning(0); else if (version == '12.2(13)T10') security_warning(0); else if (version == '12.2(13)T1a') security_warning(0); else if (version == '12.2(13)T1') security_warning(0); else if (version == '12.2(13)T') security_warning(0); else if (version == '12.2(11)T9') security_warning(0); else if (version == '12.2(11)T8') security_warning(0); else if (version == '12.2(11)T6') security_warning(0); else if (version == '12.2(11)T5') security_warning(0); else if (version == '12.2(11)T3') security_warning(0); else if (version == '12.2(11)T2') security_warning(0); else if (version == '12.2(11)T11') security_warning(0); else if (version == '12.2(11)T10') security_warning(0); else if (version == '12.2(11)T1') security_warning(0); else if (version == '12.2(11)T') security_warning(0); else if (version == '12.2(8)T8') security_warning(0); else if (version == '12.2(8)T5') security_warning(0); else if (version == '12.2(8)T4') security_warning(0); else if (version == '12.2(8)T3') security_warning(0); else if (version == '12.2(8)T2') security_warning(0); else if (version == '12.2(8)T10') security_warning(0); else if (version == '12.2(8)T1') security_warning(0); else if (version == '12.2(8)T') security_warning(0); else if (version == '12.2(4)T7') security_warning(0); else if (version == '12.2(4)T6') security_warning(0); else if (version == '12.2(4)T5') security_warning(0); else if (version == '12.2(4)T3') security_warning(0); else if (version == '12.2(4)T2') security_warning(0); else if (version == '12.2(4)T1') security_warning(0); else if (version == '12.2(4)T') security_warning(0); else if (version == '12.2(2)T4') security_warning(0); else if (version == '12.2(2)T3') security_warning(0); else if (version == '12.2(2)T2') security_warning(0); else if (version == '12.2(2)T1') security_warning(0); else if (version == '12.2(2)T') security_warning(0); else if (version == '12.2(14)SZ6') security_warning(0); else if (version == '12.2(14)SZ5') security_warning(0); else if (version == '12.2(14)SZ4') security_warning(0); else if (version == '12.2(14)SZ3') security_warning(0); else if (version == '12.2(14)SZ2') security_warning(0); else if (version == '12.2(14)SZ1') security_warning(0); else if (version == '12.2(14)SZ') security_warning(0); else if (version == '12.2(14)SY5') security_warning(0); else if (version == '12.2(14)SY4') security_warning(0); else if (version == '12.2(14)SY3') security_warning(0); else if (version == '12.2(14)SY2') security_warning(0); else if (version == '12.2(14)SY1') security_warning(0); else if (version == '12.2(14)SY') security_warning(0); else if (version == '12.2(17b)SXA2') security_warning(0); else if (version == '12.2(17b)SXA') security_warning(0); else if (version == '12.2(17a)SX4') security_warning(0); else if (version == '12.2(17a)SX3') security_warning(0); else if (version == '12.2(17a)SX2') security_warning(0); else if (version == '12.2(17a)SX1') security_warning(0); else if (version == '12.2(17a)SX') security_warning(0); else if (version == '12.2(14)SX1') security_warning(0); else if (version == '12.2(14)SX') security_warning(0); else if (version == '12.2(14)S9') security_warning(0); else if (version == '12.2(14)S8') security_warning(0); else if (version == '12.2(14)S7') security_warning(0); else if (version == '12.2(14)S5') security_warning(0); else if (version == '12.2(14)S3') security_warning(0); else if (version == '12.2(14)S2') security_warning(0); else if (version == '12.2(14)S1') security_warning(0); else if (version == '12.2(14)S') security_warning(0); else if (version == '12.2(9)S') security_warning(0); else if (version == '12.2(15)MC1') security_warning(0); else if (version == '12.2(8)MC2d') security_warning(0); else if (version == '12.2(8)MC2c') security_warning(0); else if (version == '12.2(8)MC2b') security_warning(0); else if (version == '12.2(8)MC2') security_warning(0); else if (version == '12.2(8)MC1') security_warning(0); else if (version == '12.2(12h)M1') security_warning(0); else if (version == '12.2(12b)M1') security_warning(0); else if (version == '12.2(6c)M1') security_warning(0); else if (version == '12.2(1)M0') security_warning(0); else if (version == '12.2(2)DX3') security_warning(0); else if (version == '12.2(1)DX1') security_warning(0); else if (version == '12.2(1)DX') security_warning(0); else if (version == '12.2(2)DD4') security_warning(0); else if (version == '12.2(2)DD3') security_warning(0); else if (version == '12.2(2)DD2') security_warning(0); else if (version == '12.2(2)DD1') security_warning(0); else if (version == '12.2(2)DD') security_warning(0); else if (version == '12.2(12)DA5') security_warning(0); else if (version == '12.2(12)DA4') security_warning(0); else if (version == '12.2(12)DA3') security_warning(0); else if (version == '12.2(12)DA2') security_warning(0); else if (version == '12.2(12)DA1') security_warning(0); else if (version == '12.2(12)DA') security_warning(0); else if (version == '12.2(10)DA2') security_warning(0); else if (version == '12.2(10)DA1') security_warning(0); else if (version == '12.2(10)DA') security_warning(0); else if (version == '12.2(7)DA') security_warning(0); else if (version == '12.2(5)DA1') security_warning(0); else if (version == '12.2(5)DA') security_warning(0); else if (version == '12.2(1b)DA1') security_warning(0); else if (version == '12.2(1b)DA') security_warning(0); else if (version == '12.2(11)CY') security_warning(0); else if (version == '12.2(15)CX1') security_warning(0); else if (version == '12.2(15)CX') security_warning(0); else if (version == '12.2(11)CX') security_warning(0); else if (version == '12.2(15)BZ2') security_warning(0); else if (version == '12.2(4)BZ2') security_warning(0); else if (version == '12.2(4)BZ1') security_warning(0); else if (version == '12.2(2)BY3') security_warning(0); else if (version == '12.2(2)BY2') security_warning(0); else if (version == '12.2(2)BY1') security_warning(0); else if (version == '12.2(16)BX3') security_warning(0); else if (version == '12.2(16)BX2') security_warning(0); else if (version == '12.2(16)BX1') security_warning(0); else if (version == '12.2(16)BX') security_warning(0); else if (version == '12.2(15)BX') security_warning(0); else if (version == '12.2(2)BX1') security_warning(0); else if (version == '12.2(2)BX') security_warning(0); else if (version == '12.2(4)BW2') security_warning(0); else if (version == '12.2(4)BW1a') security_warning(0); else if (version == '12.2(4)BW1') security_warning(0); else if (version == '12.2(4)BW') security_warning(0); else if (version == '12.2(15)BC1g') security_warning(0); else if (version == '12.2(15)BC1f') security_warning(0); else if (version == '12.2(15)BC1e') security_warning(0); else if (version == '12.2(15)BC1d') security_warning(0); else if (version == '12.2(15)BC1c') security_warning(0); else if (version == '12.2(15)BC1b') security_warning(0); else if (version == '12.2(15)BC1a') security_warning(0); else if (version == '12.2(15)BC1') security_warning(0); else if (version == '12.2(11)BC3d') security_warning(0); else if (version == '12.2(11)BC3c') security_warning(0); else if (version == '12.2(11)BC3b') security_warning(0); else if (version == '12.2(11)BC3a') security_warning(0); else if (version == '12.2(11)BC3') security_warning(0); else if (version == '12.2(11)BC2a') security_warning(0); else if (version == '12.2(11)BC2') security_warning(0); else if (version == '12.2(11)BC1b') security_warning(0); else if (version == '12.2(11)BC1a') security_warning(0); else if (version == '12.2(11)BC1') security_warning(0); else if (version == '12.2(8)BC2a') security_warning(0); else if (version == '12.2(8)BC2') security_warning(0); else if (version == '12.2(8)BC1') security_warning(0); else if (version == '12.2(4)BC1b') security_warning(0); else if (version == '12.2(4)BC1a') security_warning(0); else if (version == '12.2(4)BC1') security_warning(0); else if (version == '12.2(16)B2') security_warning(0); else if (version == '12.2(16)B1') security_warning(0); else if (version == '12.2(16)B') security_warning(0); else if (version == '12.2(15)B') security_warning(0); else if (version == '12.2(4)B8') security_warning(0); else if (version == '12.2(4)B7') security_warning(0); else if (version == '12.2(4)B6') security_warning(0); else if (version == '12.2(4)B5') security_warning(0); else if (version == '12.2(4)B4') security_warning(0); else if (version == '12.2(4)B3') security_warning(0); else if (version == '12.2(4)B2') security_warning(0); else if (version == '12.2(4)B1') security_warning(0); else if (version == '12.2(4)B') security_warning(0); else if (version == '12.2(2)B7') security_warning(0); else if (version == '12.2(2)B6') security_warning(0); else if (version == '12.2(2)B5') security_warning(0); else if (version == '12.2(2)B4') security_warning(0); else if (version == '12.2(2)B3') security_warning(0); else if (version == '12.2(2)B2') security_warning(0); else if (version == '12.2(2)B1') security_warning(0); else if (version == '12.2(2)B') security_warning(0); else if (version == '12.2(19a)') security_warning(0); else if (version == '12.2(19)') security_warning(0); else if (version == '12.2(17b)') security_warning(0); else if (version == '12.2(17a)') security_warning(0); else if (version == '12.2(17)') security_warning(0); else if (version == '12.2(16c)') security_warning(0); else if (version == '12.2(16b)') security_warning(0); else if (version == '12.2(16a)') security_warning(0); else if (version == '12.2(16)') security_warning(0); else if (version == '12.2(13c)') security_warning(0); else if (version == '12.2(13b)') security_warning(0); else if (version == '12.2(13a)') security_warning(0); else if (version == '12.2(13)') security_warning(0); else if (version == '12.2(12m)') security_warning(0); else if (version == '12.2(12l)') security_warning(0); else if (version == '12.2(12k)') security_warning(0); else if (version == '12.2(12j)') security_warning(0); else if (version == '12.2(12i)') security_warning(0); else if (version == '12.2(12h)') security_warning(0); else if (version == '12.2(12g)') security_warning(0); else if (version == '12.2(12f)') security_warning(0); else if (version == '12.2(12e)') security_warning(0); else if (version == '12.2(12c)') security_warning(0); else if (version == '12.2(12b)') security_warning(0); else if (version == '12.2(12a)') security_warning(0); else if (version == '12.2(12)') security_warning(0); else if (version == '12.2(10d)') security_warning(0); else if (version == '12.2(10b)') security_warning(0); else if (version == '12.2(10a)') security_warning(0); else if (version == '12.2(10)') security_warning(0); else if (version == '12.2(7g)') security_warning(0); else if (version == '12.2(7c)') security_warning(0); else if (version == '12.2(7b)') security_warning(0); else if (version == '12.2(7a)') security_warning(0); else if (version == '12.2(7)') security_warning(0); else if (version == '12.2(6j)') security_warning(0); else if (version == '12.2(6i)') security_warning(0); else if (version == '12.2(6h)') security_warning(0); else if (version == '12.2(6g)') security_warning(0); else if (version == '12.2(6f)') security_warning(0); else if (version == '12.2(6e)') security_warning(0); else if (version == '12.2(6d)') security_warning(0); else if (version == '12.2(6c)') security_warning(0); else if (version == '12.2(6b)') security_warning(0); else if (version == '12.2(6a)') security_warning(0); else if (version == '12.2(6)') security_warning(0); else if (version == '12.2(5d)') security_warning(0); else if (version == '12.2(5c)') security_warning(0); else if (version == '12.2(5b)') security_warning(0); else if (version == '12.2(5a)') security_warning(0); else if (version == '12.2(5)') security_warning(0); else if (version == '12.2(3g)') security_warning(0); else if (version == '12.2(3d)') security_warning(0); else if (version == '12.2(3c)') security_warning(0); else if (version == '12.2(3b)') security_warning(0); else if (version == '12.2(3a)') security_warning(0); else if (version == '12.2(3)') security_warning(0); else if (version == '12.2(1d)') security_warning(0); else if (version == '12.2(1c)') security_warning(0); else if (version == '12.2(1b)') security_warning(0); else if (version == '12.2(1a)') security_warning(0); else if (version == '12.2(1)') security_warning(0); else if (version == '12.1(5)YD6') security_warning(0); else if (version == '12.1(5)YD5') security_warning(0); else if (version == '12.1(5)YD4') security_warning(0); else if (version == '12.1(5)YD3') security_warning(0); else if (version == '12.1(5)YD2') security_warning(0); else if (version == '12.1(5)YD1') security_warning(0); else if (version == '12.1(5)YD') security_warning(0); else if (version == '12.1(5)YB5') security_warning(0); else if (version == '12.1(5)YB4') security_warning(0); else if (version == '12.1(5)YB') security_warning(0); else if (version == '12.1(4)XY8') security_warning(0); else if (version == '12.1(4)XY7') security_warning(0); else if (version == '12.1(4)XY6') security_warning(0); else if (version == '12.1(4)XY5') security_warning(0); else if (version == '12.1(4)XY4') security_warning(0); else if (version == '12.1(4)XY3') security_warning(0); else if (version == '12.1(4)XY1') security_warning(0); else if (version == '12.1(5)XV') security_warning(0); else if (version == '12.1(3)XQ3') security_warning(0); else if (version == '12.1(3)XQ2') security_warning(0); else if (version == '12.1(3)XQ1') security_warning(0); else if (version == '12.1(3)XQ') security_warning(0); else if (version == '12.1(5)XM8') security_warning(0); else if (version == '12.1(5)XM7') security_warning(0); else if (version == '12.1(5)XM6') security_warning(0); else if (version == '12.1(5)XM5') security_warning(0); else if (version == '12.1(5)XM4') security_warning(0); else if (version == '12.1(5)XM3') security_warning(0); else if (version == '12.1(5)XM2') security_warning(0); else if (version == '12.1(5)XM1') security_warning(0); else if (version == '12.1(5)XM') security_warning(0); else if (version == '12.1(3a)XI9') security_warning(0); else if (version == '12.1(3a)XI8') security_warning(0); else if (version == '12.1(3a)XI7') security_warning(0); else if (version == '12.1(3a)XI6') security_warning(0); else if (version == '12.1(3a)XI5') security_warning(0); else if (version == '12.1(3a)XI4') security_warning(0); else if (version == '12.1(3a)XI3') security_warning(0); else if (version == '12.1(3a)XI2') security_warning(0); else if (version == '12.1(3a)XI1') security_warning(0); else if (version == '12.1(3)XI') security_warning(0); else if (version == '12.1(5)T9') security_warning(0); else if (version == '12.1(5)T8b') security_warning(0); else if (version == '12.1(5)T8a') security_warning(0); else if (version == '12.1(5)T8') security_warning(0); else if (version == '12.1(5)T7') security_warning(0); else if (version == '12.1(5)T6') security_warning(0); else if (version == '12.1(5)T5') security_warning(0); else if (version == '12.1(5)T4') security_warning(0); else if (version == '12.1(5)T3') security_warning(0); else if (version == '12.1(5)T20') security_warning(0); else if (version == '12.1(5)T2') security_warning(0); else if (version == '12.1(5)T19') security_warning(0); else if (version == '12.1(5)T18') security_warning(0); else if (version == '12.1(5)T17') security_warning(0); else if (version == '12.1(5)T15') security_warning(0); else if (version == '12.1(5)T14') security_warning(0); else if (version == '12.1(5)T12') security_warning(0); else if (version == '12.1(5)T10') security_warning(0); else if (version == '12.1(5)T1') security_warning(0); else if (version == '12.1(5)T') security_warning(0); else if (version == '12.1(3a)T8') security_warning(0); else if (version == '12.1(3a)T7') security_warning(0); else if (version == '12.1(3a)T6') security_warning(0); else if (version == '12.1(3a)T3') security_warning(0); else if (version == '12.1(3a)T2') security_warning(0); else if (version == '12.1(3a)T1') security_warning(0); else if (version == '12.1(3)T') security_warning(0); else if (version == '12.1(5)DC3') security_warning(0); else if (version == '12.1(5)DC2') security_warning(0); else if (version == '12.1(5)DC1') security_warning(0); else if (version == '12.1(5)DC') security_warning(0); else if (version == '12.1(4)DC3') security_warning(0); else if (version == '12.1(4)DC2') security_warning(0); else if (version == '12.1(3)DC2') security_warning(0); else if (version == '12.1(3)DC1') security_warning(0); else if (version == '12.1(3)DC') security_warning(0); else if (version == '12.0(25)SX7') security_warning(0); else if (version == '12.0(25)SX6e') security_warning(0); else if (version == '12.0(25)SX6') security_warning(0); else if (version == '12.0(25)SX5') security_warning(0); else if (version == '12.0(25)SX4') security_warning(0); else if (version == '12.0(25)SX3') security_warning(0); else if (version == '12.0(25)SX2') security_warning(0); else if (version == '12.0(25)SX1') security_warning(0); else if (version == '12.0(25)SX') security_warning(0); else if (version == '12.0(23)SX5') security_warning(0); else if (version == '12.0(23)SX4') security_warning(0); else if (version == '12.0(23)SX3') security_warning(0); else if (version == '12.0(23)SX2') security_warning(0); else if (version == '12.0(23)SX1') security_warning(0); else if (version == '12.0(23)SX') security_warning(0); else if (version == '12.0(21)SX1') security_warning(0); else if (version == '12.0(21)SX') security_warning(0); else if (version == '12.0(21)ST7') security_warning(0); else if (version == '12.0(21)ST6') security_warning(0); else if (version == '12.0(21)ST5') security_warning(0); else if (version == '12.0(21)ST4') security_warning(0); else if (version == '12.0(21)ST3a') security_warning(0); else if (version == '12.0(21)ST3') security_warning(0); else if (version == '12.0(21)ST2') security_warning(0); else if (version == '12.0(21)ST1') security_warning(0); else if (version == '12.0(21)ST') security_warning(0); else if (version == '12.0(20)ST6') security_warning(0); else if (version == '12.0(20)ST5') security_warning(0); else if (version == '12.0(20)ST4') security_warning(0); else if (version == '12.0(20)ST3') security_warning(0); else if (version == '12.0(20)ST2') security_warning(0); else if (version == '12.0(20)ST1') security_warning(0); else if (version == '12.0(20)ST') security_warning(0); else if (version == '12.0(19)ST6') security_warning(0); else if (version == '12.0(19)ST3') security_warning(0); else if (version == '12.0(19)ST2') security_warning(0); else if (version == '12.0(19)ST1') security_warning(0); else if (version == '12.0(19)ST') security_warning(0); else if (version == '12.0(18)ST1') security_warning(0); else if (version == '12.0(18)ST') security_warning(0); else if (version == '12.0(17)ST8') security_warning(0); else if (version == '12.0(17)ST7') security_warning(0); else if (version == '12.0(17)ST6') security_warning(0); else if (version == '12.0(17)ST5') security_warning(0); else if (version == '12.0(17)ST4') security_warning(0); else if (version == '12.0(17)ST3') security_warning(0); else if (version == '12.0(17)ST2') security_warning(0); else if (version == '12.0(17)ST1') security_warning(0); else if (version == '12.0(17)ST') security_warning(0); else if (version == '12.0(16)ST1') security_warning(0); else if (version == '12.0(16)ST') security_warning(0); else if (version == '12.0(14)ST3') security_warning(0); else if (version == '12.0(14)ST2') security_warning(0); else if (version == '12.0(14)ST1') security_warning(0); else if (version == '12.0(14)ST') security_warning(0); else if (version == '12.0(11)ST4') security_warning(0); else if (version == '12.0(11)ST3') security_warning(0); else if (version == '12.0(11)ST2') security_warning(0); else if (version == '12.0(11)ST1') security_warning(0); else if (version == '12.0(11)ST') security_warning(0); else if (version == '12.0(10)ST2') security_warning(0); else if (version == '12.0(10)ST1') security_warning(0); else if (version == '12.0(10)ST') security_warning(0); else if (version == '12.0(9)ST') security_warning(0); else if (version == '12.0(19)SL4') security_warning(0); else if (version == '12.0(19)SL3') security_warning(0); else if (version == '12.0(19)SL2') security_warning(0); else if (version == '12.0(25)S2') security_warning(0); else if (version == '12.0(25)S1') security_warning(0); else if (version == '12.0(25)S') security_warning(0); else if (version == '12.0(24)S4') security_warning(0); else if (version == '12.0(24)S3') security_warning(0); else if (version == '12.0(24)S2') security_warning(0); else if (version == '12.0(24)S1') security_warning(0); else if (version == '12.0(24)S') security_warning(0); else if (version == '12.0(23)S5') security_warning(0); else if (version == '12.0(23)S4') security_warning(0); else if (version == '12.0(23)S3b') security_warning(0); else if (version == '12.0(23)S3a') security_warning(0); else if (version == '12.0(23)S3') security_warning(0); else if (version == '12.0(23)S2a') security_warning(0); else if (version == '12.0(23)S2') security_warning(0); else if (version == '12.0(23)S1') security_warning(0); else if (version == '12.0(23)S') security_warning(0); else if (version == '12.0(22)S6') security_warning(0); else if (version == '12.0(22)S5a') security_warning(0); else if (version == '12.0(22)S5') security_warning(0); else if (version == '12.0(22)S4a') security_warning(0); else if (version == '12.0(22)S4') security_warning(0); else if (version == '12.0(22)S3c') security_warning(0); else if (version == '12.0(22)S3b') security_warning(0); else if (version == '12.0(22)S3a') security_warning(0); else if (version == '12.0(22)S3') security_warning(0); else if (version == '12.0(22)S2e') security_warning(0); else if (version == '12.0(22)S2d') security_warning(0); else if (version == '12.0(22)S2c') security_warning(0); else if (version == '12.0(22)S2b') security_warning(0); else if (version == '12.0(22)S2a') security_warning(0); else if (version == '12.0(22)S2') security_warning(0); else if (version == '12.0(22)S1') security_warning(0); else if (version == '12.0(22)S') security_warning(0); else exit(0, 'The host is not affected.');NASL family CISCO NASL id CSCEB56909.NASL description The remote version of IOS is vulnerable to a denial of service attack when processing malformed MPLS packets. If IPv6 is enabled, an attacker may exploit this flaw to prevent the router from working properly. last seen 2020-06-01 modified 2020-06-02 plugin id 17630 published 2005-03-25 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17630 title Cisco IOS Multi Protocol Label Switching (MPLS) Packet Remote DoS (CSCeb56909) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if(description) { script_id(17630); script_version("1.22"); script_cve_id("CVE-2005-0197"); script_bugtraq_id(12369); script_name(english:"Cisco IOS Multi Protocol Label Switching (MPLS) Packet Remote DoS (CSCeb56909)"); script_set_attribute(attribute:"synopsis", value: "The remote device is missing a vendor-supplied security patch." ); script_set_attribute(attribute:"description", value: "The remote version of IOS is vulnerable to a denial of service attack when processing malformed MPLS packets. If IPv6 is enabled, an attacker may exploit this flaw to prevent the router from working properly." ); script_set_attribute(attribute:"solution", value: "http://www.nessus.org/u?795df75a" ); script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(16); script_set_attribute(attribute:"plugin_publication_date", value: "2005/03/25"); script_set_attribute(attribute:"vuln_publication_date", value: "2005/01/26"); script_cvs_date("Date: 2018/06/27 18:42:25"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value: "cpe:/o:cisco:ios"); script_end_attributes(); summary["english"] = "Uses SNMP to determine if a flaw is present"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_family(english:"CISCO"); script_dependencie("snmp_sysDesc.nasl", "snmp_cisco_type.nasl"); script_require_keys("SNMP/community", "SNMP/sysDesc", "CISCO/model"); exit(0); } include('cisco_func.inc'); os = get_kb_item("SNMP/sysDesc"); if(!os)exit(0); hardware = get_kb_item("CISCO/model"); if(!hardware)exit(0); version = extract_version(os); if ( ! version ) exit(0); if ( ereg(pattern:"cisco[^0-9]*(26.0|28.0|3[678].0|4[57].0|5[34][.]0)$", string:hardware) ) exit(0); # 12.1 Deprecated if ( deprecated_version(version, "12.1DB", "12.1DC", "12.1T", "12.1XG", "12.1XI", "12.1XJ", "12.1XL", "12.1XM", "12.1XP", "12.1XQ", "12.1XR", "12.1XT", "12.1XU", "12.1XV", "12.1YA", "12.1YB", "12.1YC", "12.1YD", "12.1YE", "12.1YF", "12.1YH", "12.1YI")) vuln ++; # 12.2 Deprecated if ( deprecated_version(version, "12.2B", "12.2BW", "12.2BX", "12.2BY", "12.2BZ", "12.2CX", "12.2CY", "12.2DD", "12.2DX", "12.2MB", "12.2MC", "12.2MX", "12.2SY", "12.2SZ", "12.2XA", "12.2XC", "12.2XD", "12.2XE", "12.2XF", "12.2XG", "12.2XH", "12.2XI", "12.2XJ", "12.2XK", "12.2XL", "12.2XM", "12.2XN", "12.2XQ", "12.2XS", "12.2XT", "12.2XU", "12.2XV", "12.2XW", "12.2XZ", "12.2YB", "12.2YC", "12.2YD", "12.2YE", "12.2YF", "12.2YG", "12.2YH", "12.2YI", "12.2YJ", "12.2YL", "12.2YM", "12.2YN", "12.2YO", "12.2YQ", "12.2YQ", "12.2YR", "12.2YS", "12.2YU", "12.2YV", "12.2YW", "12.2YX", "12.2YZ", "12.2ZB", "12.2ZC", "12.2ZD", "12.2ZE", "12.2ZF", "12.2ZG", "12.2ZH", "12.2ZI", "12.2ZJ", "12.2ZL", "12.2ZN", "12.2ZO", "12.2ZP") ) vuln ++; # 12.3 Deprecated if ( deprecated_version(version, "12.3BW", "12.3XA", "12.3XB") ) vuln ++; # 12.2 if ( check_release(version:version, patched:make_list("12.2(10g)", "12.2(13e)", "12.2(16f)", "12.2(17d)", "12.2(19b)", "12.2(21a)", "12.2(23)"), newest:"12.2(23)") ) vuln ++; # 12.2BC if ( check_release(version:version, patched:make_list("12.2(15)BC2"), newest:"12.2(15)BC2") ) vuln ++; # 12.2CZ if ( check_release(version:version, patched:make_list("12.2(15)CZ"), newest:"12.2(15)CZ") ) vuln ++; # 12.2DA if ( check_release(version:version, patched:make_list("12.2(12)DA6"), newest:"12.2(12)DA6") ) vuln ++; # 12.2EW if ( check_release(version:version, patched:make_list("12.2(18)EW"), newest:"12.2(18)EW") ) vuln ++; # 12.2EWA if ( "EWA" >< version && check_release(version:version, patched:make_list("12.2(20)EWA"), newest:"12.2(20)EWA") ) vuln ++; # 12.2JA if ( check_release(version:version, patched:make_list("12.2(15)JA"), newest:"12.2(15)JA") ) vuln ++; # 12.2JK if ( check_release(version:version, patched:make_list("12.2(15)JK"), newest:"12.2(15)JK") ) vuln ++; # 12.2SU if ( check_release(version:version, patched:make_list("12.2(14)SU"), newest:"12.2(14)SU") ) vuln ++; # 12.2SW if ( check_release(version:version, patched:make_list("12.2(19)SW"), newest:"12.2(19)SW") ) vuln ++; # 12.2T if ( check_release(version:version, patched:make_list("12.2(13)T14", "12.2(15)T7"), newest:"12.2(15)T7") ) vuln ++; # 12.2XR if ( check_release(version:version, patched:make_list("12.2(15)XR"), newest:"12.2(15)XR") ) vuln ++; # 12.2YA if ( check_release(version:version, patched:make_list("12.2(4)YA8"), newest:"12.2(4)YA8") ) vuln ++; # 12.2YA if ( check_release(version:version, patched:make_list("12.2(4)YA8"), newest:"12.2(4)YA8") ) vuln ++; # 12.3 if ( check_release(version:version, patched:make_list("12.3(3f)", "12.3(5)"), newest:"12.3(5)") ) vuln ++; # 12.3B if ( check_release(version:version, patched:make_list("12.3(5a)B4"), newest:"12.3(5a)B4") ) vuln ++; # 12.3BC if ( check_release(version:version, patched:make_list("12.3(9a)BC"), newest:"12.3(9a)BC") ) vuln ++; # 12.3T if ( check_release(version:version, patched:make_list("12.3(2)T5", "12.3(4)T7", "12.3(7)T"), newest:"12.3(7)T") ) vuln ++; # 12.3XC if ( check_release(version:version, patched:make_list("12.3(2)XC3"), newest:"12.3(2)XC3") ) vuln ++; # 12.3XD if ( check_release(version:version, patched:make_list("12.3(4)XD"), newest:"12.3(4)XD") ) vuln ++; # 12.3XE if ( check_release(version:version, patched:make_list("12.3(2)XE1"), newest:"12.3(2)XE1") ) vuln ++; # 12.3XF if ( check_release(version:version, patched:make_list("12.3(2)XF"), newest:"12.3(2)XF") ) vuln ++; # 12.3XG if ( check_release(version:version, patched:make_list("12.3(4)XG1"), newest:"12.3(4)XG1") ) vuln ++; # 12.3XH if ( check_release(version:version, patched:make_list("12.3(4)XH"), newest:"12.3(4)XH") ) vuln ++; # 12.3XI if ( check_release(version:version, patched:make_list("12.3(7)XI"), newest:"12.3(7)XI") ) vuln ++; # 12.3XJ if ( check_release(version:version, patched:make_list("12.3(7)XJ"), newest:"12.3(7)XJ") ) vuln ++; # 12.3XK if ( check_release(version:version, patched:make_list("12.3(4)XK1"), newest:"12.3(4)XK1") ) vuln ++; # 12.3XL if ( check_release(version:version, patched:make_list("12.3(7)XL"), newest:"12.3(7)XL") ) vuln ++; # 12.3XM if ( check_release(version:version, patched:make_list("12.3(7)XM"), newest:"12.3(7)XM") ) vuln ++; # 12.3XN if ( check_release(version:version, patched:make_list("12.3(4)XN"), newest:"12.3(4)XN") ) vuln ++; # 12.3XQ if ( check_release(version:version, patched:make_list("12.3(4)XQ"), newest:"12.3(4)XQ") ) vuln ++; # 12.3XR if ( check_release(version:version, patched:make_list("12.3(7)XR"), newest:"12.3(7)XR") ) vuln ++; # 12.3XS if ( check_release(version:version, patched:make_list("12.3(7)XS"), newest:"12.3(7)XS") ) vuln ++; # 12.3XT if ( check_release(version:version, patched:make_list("12.3(2)XT"), newest:"12.3(2)XT") ) vuln ++; # 12.3XU if ( check_release(version:version, patched:make_list("12.3(8)XU"), newest:"12.3(8)XU") ) vuln ++; # 12.3XW if ( check_release(version:version, patched:make_list("12.3(8)XW"), newest:"12.3(8)XW") ) vuln ++; # 12.3XX if ( check_release(version:version, patched:make_list("12.3(8)XX"), newest:"12.3(8)XX") ) vuln ++; # 12.3XY if ( check_release(version:version, patched:make_list("12.3(8)XY"), newest:"12.3(8)XY") ) vuln ++; # 12.3XA if ( check_release(version:version, patched:make_list("12.3(8)XA"), newest:"12.3(8)XA") ) vuln ++; # 12.3XD if ( check_release(version:version, patched:make_list("12.3(8)XD"), newest:"12.3(8)XD") ) vuln ++; # 12.3XE if ( check_release(version:version, patched:make_list("12.3(4)XE"), newest:"12.3(4)XE") ) vuln ++; # 12.3XF if ( check_release(version:version, patched:make_list("12.3(11)XF"), newest:"12.3(11)XF") ) vuln ++; # 12.3XG if ( check_release(version:version, patched:make_list("12.3(8)XG"), newest:"12.3(8)XG") ) vuln ++; # 12.3XH if ( check_release(version:version, patched:make_list("12.3(8)XH"), newest:"12.3(8)XH") ) vuln ++; if ( vuln == 1 ) security_warning(port:161, proto:"udp"); else if ( vuln > 1 ) display("IOS version ", version, " identified as vulnerable by multiple checks\n");
Oval
| accepted | 2008-09-08T04:00:33.660-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. | ||||
| family | ios | ||||
| id | oval:org.mitre.oval:def:5662 | ||||
| status | accepted | ||||
| submitted | 2008-05-26T11:06:36.000-04:00 | ||||
| title | Cisco IOS Routers MPLS Reset Denial of Service Vulnerability | ||||
| version | 3 |
References
- http://secunia.com/advisories/14031
- http://securitytracker.com/id?1013015
- http://www.cisco.com/warp/public/707/cisco-sa-20050126-les.shtml
- http://www.kb.cert.org/vuls/id/583638
- http://www.securityfocus.com/bid/12369
- http://www.us-cert.gov/cas/techalerts/TA05-026A.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19071
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5662