Vulnerabilities > CVE-2012-3950 - Resource Management Errors vulnerability in Cisco IOS

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

cisco

CWE-399

nessus

NVD

Published: 2012-09-27

Updated: 2017-08-29

Summary

The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS 12.3 Cisco IOS 12.3\(1A\) Cisco IOS 12.3\(2\)Ja Cisco IOS 12.3\(2\)Ja5 Cisco IOS 12.3\(2\)Jk Cisco IOS 12.3\(2\)Jk1 Cisco IOS 12.3\(2\)T3 Cisco IOS 12.3\(2\)T8 Cisco IOS 12.3\(2\)Xa4 Cisco IOS 12.3\(2\)Xa5 Cisco IOS 12.3\(2\)Xc1 Cisco IOS 12.3\(2\)Xc2 Cisco IOS 12.3\(2\)Xc3 Cisco IOS 12.3\(2\)Xc4 Cisco IOS 12.3\(2\)Xe3 Cisco IOS 12.3\(2\)Xe4 Cisco IOS 12.3\(3E\) Cisco IOS 12.3\(3H\) Cisco IOS 12.3\(3I\) Cisco IOS 12.3\(4\)Eo1 Cisco IOS 12.3\(4\)Ja Cisco IOS 12.3\(4\)Ja1 Cisco IOS 12.3\(4\)T Cisco IOS 12.3\(4\)T1 Cisco IOS 12.3\(4\)T2 Cisco IOS 12.3\(4\)T3 Cisco IOS 12.3\(4\)T4 Cisco IOS 12.3\(4\)T8 Cisco IOS 12.3\(4\)Tpc11A Cisco IOS 12.3\(4\)Xd Cisco IOS 12.3\(4\)Xd1 Cisco IOS 12.3\(4\)Xd2 Cisco IOS 12.3\(4\)Xe4 Cisco IOS 12.3\(4\)Xg1 Cisco IOS 12.3\(4\)Xg2 Cisco IOS 12.3\(4\)Xg4 Cisco IOS 12.3\(4\)Xg5 Cisco IOS 12.3\(4\)Xh Cisco IOS 12.3\(4\)Xk Cisco IOS 12.3\(4\)Xk1 Cisco IOS 12.3\(4\)Xk3 Cisco IOS 12.3\(4\)Xk4 Cisco IOS 12.3\(4\)Xq Cisco IOS 12.3\(4\)Xq1 Cisco IOS 12.3\(5\) Cisco IOS 12.3\(5\)B1 Cisco IOS 12.3\(5A\) Cisco IOS 12.3\(5A\)B Cisco IOS 12.3\(5A\)B2 Cisco IOS 12.3\(5A\)B5 Cisco IOS 12.3\(5B\) Cisco IOS 12.3\(5C\) Cisco IOS 12.3\(5E\) Cisco IOS 12.3\(5F\) Cisco IOS 12.3\(6\) Cisco IOS 12.3\(6A\) Cisco IOS 12.3\(6D\) Cisco IOS 12.3\(6E\) Cisco IOS 12.3\(6F\) Cisco IOS 12.3\(7\)Ja Cisco IOS 12.3\(7\)Ja1 Cisco IOS 12.3\(7\)Jx Cisco IOS 12.3\(7\)T Cisco IOS 12.3\(7\)T4 Cisco IOS 12.3\(7\)T8 Cisco IOS 12.3\(7\)T9 Cisco IOS 12.3\(7\)T10 Cisco IOS 12.3\(7\)T12 Cisco IOS 12.3\(7\)Xi3 Cisco IOS 12.3\(7\)Xi4 Cisco IOS 12.3\(7\)Xi7 Cisco IOS 12.3\(7\)Xr3 Cisco IOS 12.3\(7\)Xr4 Cisco IOS 12.3\(7\)Xr6 Cisco IOS 12.3\(7.7\) Cisco IOS 12.3\(8\)Ja Cisco IOS 12.3\(8\)Ja1 Cisco IOS 12.3\(8\)T4 Cisco IOS 12.3\(8\)T7 Cisco IOS 12.3\(8\)T8 Cisco IOS 12.3\(8\)T9 Cisco IOS 12.3\(8\)T11 Cisco IOS 12.3\(8\)Xu2 Cisco IOS 12.3\(8\)Xy4 Cisco IOS 12.3\(8\)Xy5 Cisco IOS 12.3\(8\)Xy6 Cisco IOS 12.3\(8\)Ya1 Cisco IOS 12.3\(8\)Yd Cisco IOS 12.3\(8\)Yf Cisco IOS 12.3\(8\)Yg Cisco IOS 12.3\(8\)Yg1 Cisco IOS 12.3\(8\)Yg2 Cisco IOS 12.3\(8\)Yg3 Cisco IOS 12.3\(8\)Yh Cisco IOS 12.3\(8\)Yi Cisco IOS 12.3\(8\)Yi1 Cisco IOS 12.3\(8\)Yi3 Cisco IOS 12.3\(9\) Cisco IOS 12.3\(9A\)Bc Cisco IOS 12.3\(9A\)Bc2 Cisco IOS 12.3\(9A\)Bc6 Cisco IOS 12.3\(9A\)Bc7 Cisco IOS 12.3\(9D\) Cisco IOS 12.3\(9E\) Cisco IOS 12.3\(10\) Cisco IOS 12.3\(10C\) Cisco IOS 12.3\(10D\) Cisco IOS 12.3\(10E\) Cisco IOS 12.3\(11\) Cisco IOS 12.3\(11\)T Cisco IOS 12.3\(11\)T4 Cisco IOS 12.3\(11\)T5 Cisco IOS 12.3\(11\)T6 Cisco IOS 12.3\(11\)T8 Cisco IOS 12.3\(11\)T9 Cisco IOS 12.3\(11\)Xl Cisco IOS 12.3\(11\)Xl3 Cisco IOS 12.3\(11\)Yf Cisco IOS 12.3\(11\)Yf2 Cisco IOS 12.3\(11\)Yf3 Cisco IOS 12.3\(11\)Yf4 Cisco IOS 12.3\(11\)Yj Cisco IOS 12.3\(11\)Yk Cisco IOS 12.3\(11\)Yk1 Cisco IOS 12.3\(11\)Yk2 Cisco IOS 12.3\(11\)Yl Cisco IOS 12.3\(11\)Yn Cisco IOS 12.3\(11\)Yr Cisco IOS 12.3\(11\)Ys Cisco IOS 12.3\(11\)Ys1 Cisco IOS 12.3\(11\)Yw Cisco IOS 12.3\(12\) Cisco IOS 12.3\(12B\) Cisco IOS 12.3\(12E\) Cisco IOS 12.3\(13\) Cisco IOS 12.3\(13A\) Cisco IOS 12.3\(13A\)Bc Cisco IOS 12.3\(13A\)Bc1 Cisco IOS 12.3\(13B\) Cisco IOS 12.3\(14\)T Cisco IOS 12.3\(14\)T2 Cisco IOS 12.3\(14\)T4 Cisco IOS 12.3\(14\)T5 Cisco IOS 12.3\(14\)Ym4 Cisco IOS 12.3\(14\)Yq Cisco IOS 12.3\(14\)Yq1 Cisco IOS 12.3\(14\)Yq3 Cisco IOS 12.3\(14\)Yq4 Cisco IOS 12.3\(14\)Yt Cisco IOS 12.3\(14\)Yt1 Cisco IOS 12.3\(14\)Yu Cisco IOS 12.3\(14\)Yu1 Cisco IOS 12.3\(15\) Cisco IOS 12.3\(15B\) Cisco IOS 12.3\(16\) Cisco IOS 12.3B Cisco IOS 12.3Bc Cisco IOS 12.3Bw Cisco IOS 12.3J Cisco IOS 12.3Ja Cisco IOS 12.3Jea Cisco IOS 12.3Jeb Cisco IOS 12.3Jec Cisco IOS 12.3Jed Cisco IOS 12.3Jk Cisco IOS 12.3Jl Cisco IOS 12.3Jx Cisco IOS 12.3T Cisco IOS 12.3Tpc Cisco IOS 12.3Va Cisco IOS 12.3Xa Cisco IOS 12.3Xb Cisco IOS 12.3Xc Cisco IOS 12.3Xd Cisco IOS 12.3Xe Cisco IOS 12.3Xf Cisco IOS 12.3Xg Cisco IOS 12.3Xh Cisco IOS 12.3Xi Cisco IOS 12.3Xj Cisco IOS 12.3Xk Cisco IOS 12.3Xl Cisco IOS 12.3Xm Cisco IOS 12.3Xn Cisco IOS 12.3Xq Cisco IOS 12.3Xr Cisco IOS 12.3Xs Cisco IOS 12.3Xt Cisco IOS 12.3Xu Cisco IOS 12.3Xv Cisco IOS 12.3Xw Cisco IOS 12.3Xx Cisco IOS 12.3Xy Cisco IOS 12.3Xz Cisco IOS 12.3Ya Cisco IOS 12.3Yb Cisco IOS 12.3Yc Cisco IOS 12.3Yd Cisco IOS 12.3Ye Cisco IOS 12.3Yf Cisco IOS 12.3Yg Cisco IOS 12.3Yh Cisco IOS 12.3Yi Cisco IOS 12.3Yj Cisco IOS 12.3Yk Cisco IOS 12.3Yl Cisco IOS 12.3Ym Cisco IOS 12.3Yn Cisco IOS 12.3Yq Cisco IOS 12.3Yr Cisco IOS 12.3Ys Cisco IOS 12.3Yt Cisco IOS 12.3Yu Cisco IOS 12.3Yw Cisco IOS 12.3Yx Cisco IOS 12.3Yz Cisco IOS 12.3Za Cisco IOS 12.4 Cisco IOS 12.4\(1\) Cisco IOS 12.4\(1B\) Cisco IOS 12.4\(1C\) Cisco IOS 12.4\(2\)Mr Cisco IOS 12.4\(2\)Mr1 Cisco IOS 12.4\(2\)T Cisco IOS 12.4\(2\)T1 Cisco IOS 12.4\(2\)T2 Cisco IOS 12.4\(2\)T3 Cisco IOS 12.4\(2\)T4 Cisco IOS 12.4\(2\)Xa Cisco IOS 12.4\(2\)Xb Cisco IOS 12.4\(2\)Xb2 Cisco IOS 12.4\(3\) Cisco IOS 12.4\(3\)T2 Cisco IOS 12.4\(3A\) Cisco IOS 12.4\(3B\) Cisco IOS 12.4\(3D\) Cisco IOS 12.4\(4\)Mr Cisco IOS 12.4\(4\)T Cisco IOS 12.4\(4\)T2 Cisco IOS 12.4\(5\) Cisco IOS 12.4\(5B\) Cisco IOS 12.4\(6\)T Cisco IOS 12.4\(6\)T1 Cisco IOS 12.4\(7\) Cisco IOS 12.4\(7A\) Cisco IOS 12.4\(8\) Cisco IOS 12.4\(9\)T Cisco IOS 12.4\(11\)Md Cisco IOS 12.4\(15\)Md Cisco IOS 12.4\(22\)Md Cisco IOS 12.4\(22\)Mda Cisco IOS 12.4\(23\) Cisco IOS 12.4\(24\)Md Cisco IOS 12.4\(24\)Md1 Cisco IOS 12.4\(24\)Md2 Cisco IOS 12.4\(24\)Md3 Cisco IOS 12.4\(24\)Md4 Cisco IOS 12.4\(24\)Mda Cisco IOS 12.4\(24\)T1 Cisco IOS 12.4Gc Cisco IOS 12.4Ja Cisco IOS 12.4Jda Cisco IOS 12.4Jdc Cisco IOS 12.4Jdd Cisco IOS 12.4Jk Cisco IOS 12.4Jl Cisco IOS 12.4Jma Cisco IOS 12.4Jmb Cisco IOS 12.4Jx Cisco IOS 12.4Md Cisco IOS 12.4Mda Cisco IOS 12.4Mdb Cisco IOS 12.4Mr Cisco IOS 12.4Mra Cisco IOS 12.4Xm Cisco IOS 12.4Xn Cisco IOS 12.4Xp Cisco IOS 12.4Xq Cisco IOS 12.4Xr Cisco IOS 12.4Xt Cisco IOS 12.4Xv Cisco IOS 12.4Xw Cisco IOS 12.4Xy Cisco IOS 12.4Xz Cisco IOS 12.4Ya Cisco IOS 12.4Yb Cisco IOS 12.4Yd Cisco IOS 12.4Ye Cisco IOS 12.4Yg Cisco IOS 15.0 Cisco IOS 15.0\(1\)Se Cisco IOS 15.1 Cisco IOS 15.2	293

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	CISCO
NASL id	CISCO-SA-20120926-IOS-IPS.NASL
description	Cisco IOS Software contains a vulnerability in the Intrusion Prevention System (IPS) feature that could allow an unauthenticated, remote attacker to cause a reload of an affected device if specific Cisco IOS IPS configurations exist. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
last seen	2019-10-28
modified	2012-09-28
plugin id	62374
published	2012-09-28
reporter	This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/62374
title	Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability (cisco-sa-20120926-ios-ips)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References