Vulnerabilities > CVE-2014-2131 - Resource Management Errors vulnerability in Cisco IOS
Attack vector
ADJACENT_NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The packet driver in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a series of (1) Virtual Switching Systems (VSS) or (2) Bidirectional Forwarding Detection (BFD) packets, aka Bug IDs CSCug41049 and CSCue61890.
Common Weakness Enumeration (CWE)
Nessus
NASL family CISCO NASL id CISCO-SN-CVE-2014-2131-IOS.NASL description The remote Cisco device potentially contains an issue which is potentially affected by errors related to handling Virtual Switching Systems (VSS) or Bidirectional Forwarding Detection (BFD) traffic that could allow denial of service attacks. last seen 2020-06-01 modified 2020-06-02 plugin id 73828 published 2014-05-02 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73828 title Cisco Catalyst 4000 Series Switch Denial of Service Vulnerability (CSCug41049 / CSCue61890) code #TRUSTED 853ed8d2c1fd01bf8b451e8b55a5f79535eb33328df7694a11077ad5872a9b504ff7587db27b21f7b279ea855af8eb1a4c1352b84151a3627ce98eee43ce0add6fe6df84d2436822236f4639a36ac7acb3664ea81c0334e39c1fbb40dab42a932025bd54219db316e6e9828aea31194bb8afe0a16dd2991c88b639636e078ddfa654604ae2647fabea3a8fb47db1a9dc0525d56aeb8f7c6daaf1a1d7096f20552936892300b8ed9ed23d714276f3dafda6e6ac5c2eabeba8104e5e7b5b4ecd7ccfebcf58898eea1c01dec0062c10ad25070ef226e3b18897ec495707032c6e9743c1d003bc3498af80c2921b8f4e823d9b17e2f5b39582e35bd1c465f04fb09daf5d51e7651cc5e08eb5f70dc857f3f827f3b11fa2d83d729532bc09a5d8ec87b9af0cf203168e1f86fb69705e5f21591245bbbfa703067bcb717472779f7f88f6d5e601f1d237d2003e97ad97bc8d621d50fb457c04be2ffff2dfff2d128db7ff7c451ec29c87a782ac8bcabe8a90f1db7910ab6296ce62a56b6f7518e0d7314a63efbb4c80e1262a9fd105a47aba5f67fb3b5ee44475912a0821110aa8024e58eb3f8155b8c8413bd21af5e5ed1414afcd3e963fa299b3dc1b1e8dca55a21fe038b013812adf3551baea3eb968c011fd1d531dd6e0cc09612634f4d6b815524831b361f61094651652d322af15f373cb69e7879ef6ecf97b96624201ccf360 # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(73828); script_version("1.11"); script_cvs_date("Date: 2019/11/26"); script_cve_id("CVE-2014-2131"); script_bugtraq_id(66515); script_xref(name:"CISCO-BUG-ID", value:"CSCug41049"); script_xref(name:"CISCO-BUG-ID", value:"CSCue61890"); script_name(english:"Cisco Catalyst 4000 Series Switch Denial of Service Vulnerability (CSCug41049 / CSCue61890)"); script_summary(english:"Checks the IOS version."); script_set_attribute(attribute:"synopsis", value: "The remote device is running a vulnerable IOS version."); script_set_attribute(attribute:"description", value: "The remote Cisco device potentially contains an issue which is potentially affected by errors related to handling Virtual Switching Systems (VSS) or Bidirectional Forwarding Detection (BFD) traffic that could allow denial of service attacks."); # https://tools.cisco.com/security/center/viewAlert.x?alertId=33558 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e566a186"); script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=33558"); script_set_attribute(attribute:"solution", value: "Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCug41049 and CSCue61890."); script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2131"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/03/28"); script_set_attribute(attribute:"patch_publication_date", value:"2014/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/02"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CISCO"); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("cisco_ios_version.nasl"); script_require_keys("Host/Cisco/IOS/Version", "Host/Cisco/IOS/Model"); exit(0); } include("audit.inc"); include("cisco_func.inc"); include("cisco_kb_cmd_func.inc"); version = get_kb_item_or_exit("Host/Cisco/IOS/Version"); flag1 = 0; flag2 = 0; # CSCug41049 if ( version == '15.2(1)IPI2' ) flag1++; if ( version == '15.2(1)E' ) flag1++; # CSCue61890 if ( version == '15.2(1)IPI2' ) flag2++; # check model model = get_kb_item("CISCO/model"); if (model) { if (model !~ "catalyst4[0-9][0-9][0-9]") audit(AUDIT_HOST_NOT, "affected"); } else { model = get_kb_item_or_exit("Host/Cisco/IOS/Model"); if (model !~ "(^|[^0-9])4[0-9][0-9][0-9]($|[^0-9])") audit(AUDIT_HOST_NOT, "affected"); } if (flag1 && flag2) fix = 'CSCug41049 and CSCue61890'; else if (flag1 && !flag2) fix = 'CSCug41049'; else if (!flag1 && flag2) fix = 'CSCue61890'; override = FALSE; if (get_kb_item("Host/local_checks_enabled")) { if (flag1 || flag2) { flag1 = 0; flag2 = 0; # Look for BFD buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config"); if (check_cisco_result(buf)) { if (preg(string:buf, pattern:"bfd\s+interval\s+\d+\s+min_rx\s+\d+\s+multiplier\s+\d", multiline:TRUE)) { flag1 = 1; flag2 = 1; } } else if (cisco_needs_enable(buf)) { flag1 = 1; flag2 = 1; override = TRUE; } # Look for VSS buf2 = cisco_command_kb_item("Host/Cisco/Config/show_mod", "show mod"); if (check_cisco_result(buf2)) { if (preg(string:buf2, pattern:"Switch Number:\s+\d+\s+Role:\s+Virtual Switch Active", multiline:TRUE)) { flag1 = 1; flag2 = 1; override = FALSE; } } else if (cisco_needs_enable(buf2)) { flag1 = 1; flag2 = 1; override = TRUE; } } } if (flag1 || flag2) { report = '\n Cisco Bug ID : ' + fix + '\n Installed release : ' + version + '\n'; security_warning(port:0, extra:report + cisco_caveat(override)); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family CISCO NASL id CISCO-SN-CVE-2014-2131-IOSXE.NASL description The remote Cisco device is affected by a denial of service vulnerability in its packet driver code when handling Virtual Switching Systems (VSS) or Bidirectional Forwarding Detection (BFD) traffic. An unauthenticated, adjacent attacker can exploit this to cause a device reload. Note that this issue only affects Cisco Catalyst 4000 Series switches. last seen 2020-06-01 modified 2020-06-02 plugin id 73829 published 2014-05-02 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73829 title Cisco IOS XE VSS / BDF Traffic DoS (CSCug41049 / CSCue61890) code #TRUSTED 7b1b184f0bad3444339f170ac4d72344f9e506e94cbf15c098fe9ec62807d78bb32ed5256da4018c2a3e81761e8ce9eb25cb966ca462429dceb9ce1d6fdee8f64fcd964ac7402e44d3b7c2733e788a47ace9f660d13e99a860754fa150407d90c3b909b657428d605ec266824b0ed6138f79d10111f617e192360f4d7497866e40682a56bd94d33bcec9d1d3396a0809bf92142856da8c62c77d4f5281265b8c73b302c620e615bdc2f8c2ee138c64cef90f8de481a551fb0e87a86c6aad1fce17e75e9ed63448235d71e045c7f7cb0baad58ef39c87cbedbb8b929a6275b7859f3c51c14fa4d7bf276dc3727cd61f10ea90a2aa1976d01538b2cc0d2488c07e8e2752cc9005593b98d60fa3c728ae4f97b6b48e023fa135fc6407d35dd7270c211eba10fad343eb69108e948f1143101fe6878f9fe750f4f032615592f3e628878d76740698321644f96ba80bc5deb6770adcf07f8b499dfd85f57d014cc6948c612d99c43ad41045df7ffc4036d0af9cc2edd9ca05d7b9f852b9e28ff87a9bd189e93ab9daad59d2e05f546904b875976820c41508bdd605ff53b7aec972d334f9ca095f1f7c022946d6034571f8dda2bcd04be35873a85ac88a9092f79cbb602f497147724a897adb09f4153ba6e9a246a19d7d99df1cca39230865b23d8fa5db9c7ed6fc488d744b584966bfbefb9f69013759d74750fc31cf63c3b06120 # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(73829); script_version("1.10"); script_cvs_date("Date: 2019/11/26"); script_cve_id("CVE-2014-2131"); script_bugtraq_id(66515); script_xref(name:"CISCO-BUG-ID", value:"CSCug41049"); script_xref(name:"CISCO-BUG-ID", value:"CSCue61890"); script_name(english:"Cisco IOS XE VSS / BDF Traffic DoS (CSCug41049 / CSCue61890)"); script_summary(english:"Checks the IOS XE version."); script_set_attribute(attribute:"synopsis", value: "The remote device is affected by a denial of service vulnerability."); script_set_attribute(attribute:"description", value: "The remote Cisco device is affected by a denial of service vulnerability in its packet driver code when handling Virtual Switching Systems (VSS) or Bidirectional Forwarding Detection (BFD) traffic. An unauthenticated, adjacent attacker can exploit this to cause a device reload. Note that this issue only affects Cisco Catalyst 4000 Series switches."); script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=33558"); script_set_attribute(attribute:"solution", value: "Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCug41049 and CSCue61890."); script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/03/28"); script_set_attribute(attribute:"patch_publication_date", value:"2014/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/02"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CISCO"); script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("cisco_ios_xe_version.nasl"); script_require_keys("Host/Cisco/IOS-XE/Version"); exit(0); } include("audit.inc"); include("cisco_func.inc"); include("cisco_kb_cmd_func.inc"); version = get_kb_item_or_exit("Host/Cisco/IOS-XE/Version"); flag=0; model = get_kb_item_or_exit("Host/Cisco/IOS-XE/Model"); if (model !~ "Catalyst 4[0-9][0-9][0-9]($|[^0-9])") audit(AUDIT_HOST_NOT, "affected"); if (version == '3.0.2.1') flag++; override = FALSE; cmds = make_list(); if (get_kb_item("Host/local_checks_enabled") && flag) { flag = 0; # Look for BFD buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config", "show running-config"); if (check_cisco_result(buf)) { if (preg(string:buf, pattern:"bfd\s+interval\s+\d+\s+min_rx\s+\d+\s+multiplier\s+\d", multiline:TRUE)) { flag = 1; cmds = make_list('show running-config'); } } else if (cisco_needs_enable(buf)) { flag = 1; override = TRUE; } # Look for VSS buf = cisco_command_kb_item("Host/Cisco/Config/show_mod", "show mod"); if (check_cisco_result(buf)) { if (preg(string:buf, pattern:"Switch Number:\s+\d+\s+Role:\s+Virtual Switch Active", multiline:TRUE)) { flag = 1; override = FALSE; cmds = make_list(cmds, 'show mod'); } } else if (cisco_needs_enable(buf)) { flag = 1; override = TRUE; } if (!flag && !override) audit(AUDIT_OS_CONF_NOT_VULN, "Cisco IOS XE", version); } if (flag || override) { security_report_cisco( port : 0, severity : SECURITY_WARNING, override : override, version : version, bug_id : "CSCug41049, CSCue61890", cmds : cmds ); } else audit(AUDIT_HOST_NOT, "affected");
Seebug
| bulletinFamily | exploit |
| description | Bugtraq ID:66515 CVE ID:CVE-2014-2131 Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。 攻击者可以发送特殊的Virtual Switching Systems (VSS)或Bidirectional Forwarding Detection (BFD)报文给受影响设备,可导致拒绝服务攻击。 0 Cisco IOS 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2131 |
| id | SSV:62020 |
| last seen | 2017-11-19 |
| modified | 2014-04-01 |
| published | 2014-04-01 |
| reporter | Root |
| title | Cisco IOS Software远程拒绝服务漏洞 |