Korean

<< Back VID 29037 Severity 30 Port 161 Protocol UDP Class CISCO Detailed Description The CISCO IOS has a Accepting of wrong ICMP Redirects vulnerability (CISCO Bug ID CSCdx92043). This vulnerability can allow a remote attacker to either disrupt or intercept communication from a router. The device is only vulnerable if IP routing is disabled. The router with IP routing is enabled(by default) receives and recognizes but ignores the ICMP redirect packets. Otherwise, with IP routing is disabled the router will act as a Host and accept ICMP redirect packets. Thus, when a malicious user sends bogus ICMP redirect packets, a router has IP routing disabled it will accept bogus ICMP redirect packets and modify its routing table accordingly. * Note: This check solely relies on the version number of the remote system to assess this vulnerability, so this may be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor. * References: http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_field_notice09186a0080149a04.shtml http://www.securitytracker.com/alerts/2003/Feb/1006075.html * Platforms Affected: Cisco IOS All versions except for the following fixed versions. 12.2(13.03)B 12.2(12.05)B 12.2(12.05)S 12.2(12.05) 12.2(12.02)S 12.2(12.02)T Recommendation Upgrade to one of the fixed versions of Cisco IOS, as listed below. Upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com . 12.2(13.03)B 12.2(12.05)B 12.2(12.05)S 12.2(12.05) 12.2(12.02)S 12.2(12.02)T As a workaround, prevent the router from acting upon received ICMP redirect packets using the following configuration command. Router(config)# no ip icmp redirect For details, see http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_field_notice09186a0080149a04.shtml Related URL (CVE) Related URL 6823 (SecurityFocus) Related URL 11306 (ISS)