| VID |
29047 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
Cisco IOS is affected by the IOS Reload after Scanning vulnerability (Cisco Bug ID CSCds07326). Some security scanning software can cause a memory error in Cisco IOS Software that causes the router to reload. The security scanner makes TCP connection attempts to various ports, looking for open ports in order to investigate known vulnerabilities in the services associated with those ports. As a side effect of these tests, the router reloads unexpectedly as soon as it receives a request to review or write the configuration file.
The vulnerability is triggered when a connection is attempted to any of the following TCP ports: 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
* Note: This check relies solely on the version number of the remote system to assess this vulnerability, so the result may be a false positive. It also requires an SNMP community string with read access to collect the version number. To provide this access, add the valid community string to the check item "snmp/guessable/r" in the Policy Editor.
* References:
  http://www.cisco.com/warp/public/707/ios-tcp-scanner-reload-pub.shtml
  http://www.kb.cert.org/vuls/id/178024
  http://www.ciac.org/ciac/bulletins/l-088.shtml
* Platforms Affected: Cisco IOS 12.1 |
| Recommendation |
Upgrade to the latest version of Cisco IOS, as listed in the Cisco Security Advisory at http://www.cisco.com/warp/public/707/ios-tcp-scanner-reload-pub.shtml. Upgrades should be obtained through the Software Center on Cisco's World Wide Web site at http://www.cisco.com. |
| Related URL |
CVE-2001-0750 (CVE) |
| Related URL |
2804 (SecurityFocus) |
| Related URL |
6589 (ISS) |
|